{"url":"http://public2.vulnerablecode.io/api/packages/95814?format=json","purl":"pkg:rpm/redhat/toolbox@0.0.99.4-6?arch=el9_3","type":"rpm","namespace":"redhat","name":"toolbox","version":"0.0.99.4-6","qualifiers":{"arch":"el9_3"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42106?format=json","vulnerability_id":"VCID-4ufj-v5z1-huec","summary":"Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24534.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24534.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-24534","reference_id":"","reference_type":"","scores":[{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30809","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.3083","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30918","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30888","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30844","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30864","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30833","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30878","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00119","scoring_system":"epss","scoring_elements":"0.30921","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33669","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00137","scoring_system":"epss","scoring_elements":"0.33636","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36574","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36812","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36692","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.3678","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-24534"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24534","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24534"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2184483","reference_id":"2184483","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2184483"},{"reference_url":"https://go.dev/cl/481994","reference_id":"481994","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:14:51Z/"}],"url":"https://go.dev/cl/481994"},{"reference_url":"https://go.dev/issue/58975","reference_id":"58975","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:14:51Z/"}],"url":"https://go.dev/issue/58975"},{"reference_url":"https://pkg.go.dev/vuln/GO-2023-1704","reference_id":"GO-2023-1704","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:14:51Z/"}],"url":"https://pkg.go.dev/vuln/GO-2023-1704"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230526-0007/","reference_id":"ntap-20230526-0007","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:14:51Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230526-0007/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3167","reference_id":"RHSA-2023:3167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3318","reference_id":"RHSA-2023:3318","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3318"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3319","reference_id":"RHSA-2023:3319","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3319"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3366","reference_id":"RHSA-2023:3366","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3366"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3367","reference_id":"RHSA-2023:3367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3445","reference_id":"RHSA-2023:3445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3445"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3450","reference_id":"RHSA-2023:3450","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3450"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3455","reference_id":"RHSA-2023:3455","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3455"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3536","reference_id":"RHSA-2023:3536","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3536"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3540","reference_id":"RHSA-2023:3540","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3540"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3612","reference_id":"RHSA-2023:3612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3624","reference_id":"RHSA-2023:3624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3624"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3918","reference_id":"RHSA-2023:3918","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3918"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3943","reference_id":"RHSA-2023:3943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4003","reference_id":"RHSA-2023:4003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4335","reference_id":"RHSA-2023:4335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4459","reference_id":"RHSA-2023:4459","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4459"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4470","reference_id":"RHSA-2023:4470","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4470"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4627","reference_id":"RHSA-2023:4627","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4627"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4657","reference_id":"RHSA-2023:4657","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4657"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4664","reference_id":"RHSA-2023:4664","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4664"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5964","reference_id":"RHSA-2023:5964","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5964"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5976","reference_id":"RHSA-2023:5976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6346","reference_id":"RHSA-2023:6346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6363","reference_id":"RHSA-2023:6363","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6363"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6402","reference_id":"RHSA-2023:6402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6420","reference_id":"RHSA-2023:6420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6473","reference_id":"RHSA-2023:6473","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6473"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6474","reference_id":"RHSA-2023:6474","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6474"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6832","reference_id":"RHSA-2023:6832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6832"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6938","reference_id":"RHSA-2023:6938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6939","reference_id":"RHSA-2023:6939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2944","reference_id":"RHSA-2024:2944","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2944"},{"reference_url":"https://usn.ubuntu.com/6038-1/","reference_id":"USN-6038-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6038-1/"},{"reference_url":"https://usn.ubuntu.com/6038-2/","reference_id":"USN-6038-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6038-2/"},{"reference_url":"https://usn.ubuntu.com/6140-1/","reference_id":"USN-6140-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6140-1/"},{"reference_url":"https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8","reference_id":"Xdv6JL9ENs8","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:14:51Z/"}],"url":"https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8"}],"fixed_packages":[],"aliases":["CVE-2023-24534"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4ufj-v5z1-huec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48743?format=json","vulnerability_id":"VCID-a473-9skg-tkbn","summary":"Multiple vulnerabilities have been discovered in Go, the worst of which could lead to information leakage or a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24540.json","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24540.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-24540","reference_id":"","reference_type":"","scores":[{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47834","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47856","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47804","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47857","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47853","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47877","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47846","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47802","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47863","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47917","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47911","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00246","scoring_system":"epss","scoring_elements":"0.47864","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00264","scoring_system":"epss","scoring_elements":"0.49767","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-24540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24540"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2196027","reference_id":"2196027","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2196027"},{"reference_url":"https://security.gentoo.org/glsa/202408-07","reference_id":"GLSA-202408-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3318","reference_id":"RHSA-2023:3318","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3318"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3319","reference_id":"RHSA-2023:3319","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3319"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3323","reference_id":"RHSA-2023:3323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3366","reference_id":"RHSA-2023:3366","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3366"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3367","reference_id":"RHSA-2023:3367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3379","reference_id":"RHSA-2023:3379","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3379"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3409","reference_id":"RHSA-2023:3409","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3409"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3410","reference_id":"RHSA-2023:3410","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3410"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3415","reference_id":"RHSA-2023:3415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3435","reference_id":"RHSA-2023:3435","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3445","reference_id":"RHSA-2023:3445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3445"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3545","reference_id":"RHSA-2023:3545","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3545"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3612","reference_id":"RHSA-2023:3612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3624","reference_id":"RHSA-2023:3624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3624"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3644","reference_id":"RHSA-2023:3644","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3644"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3905","reference_id":"RHSA-2023:3905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3910","reference_id":"RHSA-2023:3910","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3910"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3911","reference_id":"RHSA-2023:3911","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3911"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3914","reference_id":"RHSA-2023:3914","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3914"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3915","reference_id":"RHSA-2023:3915","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3915"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3918","reference_id":"RHSA-2023:3918","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3918"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4289","reference_id":"RHSA-2023:4289","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4289"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4335","reference_id":"RHSA-2023:4335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4420","reference_id":"RHSA-2023:4420","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4420"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4421","reference_id":"RHSA-2023:4421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4470","reference_id":"RHSA-2023:4470","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4470"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4627","reference_id":"RHSA-2023:4627","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4627"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4664","reference_id":"RHSA-2023:4664","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4664"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5376","reference_id":"RHSA-2023:5376","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5376"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5947","reference_id":"RHSA-2023:5947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6346","reference_id":"RHSA-2023:6346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6363","reference_id":"RHSA-2023:6363","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6363"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6402","reference_id":"RHSA-2023:6402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6473","reference_id":"RHSA-2023:6473","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6473"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6474","reference_id":"RHSA-2023:6474","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6474"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6938","reference_id":"RHSA-2023:6938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6939","reference_id":"RHSA-2023:6939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2944","reference_id":"RHSA-2024:2944","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2944"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4119","reference_id":"RHSA-2024:4119","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4119"},{"reference_url":"https://usn.ubuntu.com/6140-1/","reference_id":"USN-6140-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6140-1/"}],"fixed_packages":[],"aliases":["CVE-2023-24540"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a473-9skg-tkbn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42107?format=json","vulnerability_id":"VCID-b9yc-jqye-afan","summary":"Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24536.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24536.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-24536","reference_id":"","reference_type":"","scores":[{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.1901","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18993","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19072","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19125","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19131","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19085","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19032","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.18988","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.2163","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21688","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21468","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21373","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2148","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21486","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-24536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24536"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2184482","reference_id":"2184482","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2184482"},{"reference_url":"https://go.dev/cl/482075","reference_id":"482075","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:16:31Z/"}],"url":"https://go.dev/cl/482075"},{"reference_url":"https://go.dev/cl/482076","reference_id":"482076","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:16:31Z/"}],"url":"https://go.dev/cl/482076"},{"reference_url":"https://go.dev/cl/482077","reference_id":"482077","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:16:31Z/"}],"url":"https://go.dev/cl/482077"},{"reference_url":"https://go.dev/issue/59153","reference_id":"59153","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:16:31Z/"}],"url":"https://go.dev/issue/59153"},{"reference_url":"https://pkg.go.dev/vuln/GO-2023-1705","reference_id":"GO-2023-1705","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:16:31Z/"}],"url":"https://pkg.go.dev/vuln/GO-2023-1705"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230526-0007/","reference_id":"ntap-20230526-0007","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:16:31Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230526-0007/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3167","reference_id":"RHSA-2023:3167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3318","reference_id":"RHSA-2023:3318","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3318"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3319","reference_id":"RHSA-2023:3319","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3319"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3367","reference_id":"RHSA-2023:3367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3445","reference_id":"RHSA-2023:3445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3445"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3450","reference_id":"RHSA-2023:3450","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3450"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3455","reference_id":"RHSA-2023:3455","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3455"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3536","reference_id":"RHSA-2023:3536","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3536"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3540","reference_id":"RHSA-2023:3540","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3540"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3612","reference_id":"RHSA-2023:3612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3624","reference_id":"RHSA-2023:3624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3624"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3918","reference_id":"RHSA-2023:3918","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3918"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3943","reference_id":"RHSA-2023:3943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4003","reference_id":"RHSA-2023:4003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4335","reference_id":"RHSA-2023:4335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4470","reference_id":"RHSA-2023:4470","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4470"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4627","reference_id":"RHSA-2023:4627","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4627"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4657","reference_id":"RHSA-2023:4657","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4657"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4664","reference_id":"RHSA-2023:4664","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4664"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5964","reference_id":"RHSA-2023:5964","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5964"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6346","reference_id":"RHSA-2023:6346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6363","reference_id":"RHSA-2023:6363","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6363"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6402","reference_id":"RHSA-2023:6402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6473","reference_id":"RHSA-2023:6473","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6473"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6474","reference_id":"RHSA-2023:6474","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6474"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6938","reference_id":"RHSA-2023:6938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6939","reference_id":"RHSA-2023:6939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2944","reference_id":"RHSA-2024:2944","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2944"},{"reference_url":"https://usn.ubuntu.com/7109-1/","reference_id":"USN-7109-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7109-1/"},{"reference_url":"https://usn.ubuntu.com/7111-1/","reference_id":"USN-7111-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7111-1/"},{"reference_url":"https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8","reference_id":"Xdv6JL9ENs8","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T17:16:31Z/"}],"url":"https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8"}],"fixed_packages":[],"aliases":["CVE-2023-24536"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-b9yc-jqye-afan"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42109?format=json","vulnerability_id":"VCID-evjj-hwvm-fbca","summary":"Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24538.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24538.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-24538","reference_id":"","reference_type":"","scores":[{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70668","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00646","scoring_system":"epss","scoring_elements":"0.70687","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.70869","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.70951","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.70972","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.70965","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.70919","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.70935","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.7095","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.70927","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00654","scoring_system":"epss","scoring_elements":"0.70912","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00759","scoring_system":"epss","scoring_elements":"0.73402","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00759","scoring_system":"epss","scoring_elements":"0.73395","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00759","scoring_system":"epss","scoring_elements":"0.73407","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00759","scoring_system":"epss","scoring_elements":"0.73406","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-24538"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24538","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24538"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2184481","reference_id":"2184481","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2184481"},{"reference_url":"https://go.dev/cl/482079","reference_id":"482079","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-12T17:02:13Z/"}],"url":"https://go.dev/cl/482079"},{"reference_url":"https://go.dev/issue/59234","reference_id":"59234","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-12T17:02:13Z/"}],"url":"https://go.dev/issue/59234"},{"reference_url":"https://pkg.go.dev/vuln/GO-2023-1703","reference_id":"GO-2023-1703","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-12T17:02:13Z/"}],"url":"https://pkg.go.dev/vuln/GO-2023-1703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3318","reference_id":"RHSA-2023:3318","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3318"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3319","reference_id":"RHSA-2023:3319","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3319"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3323","reference_id":"RHSA-2023:3323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3366","reference_id":"RHSA-2023:3366","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3366"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3367","reference_id":"RHSA-2023:3367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3445","reference_id":"RHSA-2023:3445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3445"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3450","reference_id":"RHSA-2023:3450","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3450"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3455","reference_id":"RHSA-2023:3455","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3455"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3536","reference_id":"RHSA-2023:3536","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3536"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3540","reference_id":"RHSA-2023:3540","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3540"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3612","reference_id":"RHSA-2023:3612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3624","reference_id":"RHSA-2023:3624","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3624"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3918","reference_id":"RHSA-2023:3918","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3918"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3943","reference_id":"RHSA-2023:3943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4003","reference_id":"RHSA-2023:4003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4335","reference_id":"RHSA-2023:4335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4470","reference_id":"RHSA-2023:4470","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4470"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4627","reference_id":"RHSA-2023:4627","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4627"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4657","reference_id":"RHSA-2023:4657","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4657"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4664","reference_id":"RHSA-2023:4664","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4664"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5964","reference_id":"RHSA-2023:5964","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5964"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6346","reference_id":"RHSA-2023:6346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6363","reference_id":"RHSA-2023:6363","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6363"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6402","reference_id":"RHSA-2023:6402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6473","reference_id":"RHSA-2023:6473","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6473"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6474","reference_id":"RHSA-2023:6474","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6474"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6938","reference_id":"RHSA-2023:6938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6939","reference_id":"RHSA-2023:6939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0746","reference_id":"RHSA-2024:0746","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0746"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2944","reference_id":"RHSA-2024:2944","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2944"},{"reference_url":"https://usn.ubuntu.com/6038-1/","reference_id":"USN-6038-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6038-1/"},{"reference_url":"https://usn.ubuntu.com/6038-2/","reference_id":"USN-6038-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6038-2/"},{"reference_url":"https://usn.ubuntu.com/6140-1/","reference_id":"USN-6140-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6140-1/"},{"reference_url":"https://usn.ubuntu.com/7061-1/","reference_id":"USN-7061-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7061-1/"},{"reference_url":"https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8","reference_id":"Xdv6JL9ENs8","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-12T17:02:13Z/"}],"url":"https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8"}],"fixed_packages":[],"aliases":["CVE-2023-24538"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-evjj-hwvm-fbca"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48744?format=json","vulnerability_id":"VCID-jbd8-1tkr-4bb2","summary":"Multiple vulnerabilities have been discovered in Go, the worst of which could lead to information leakage or a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29400.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29400.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29400","reference_id":"","reference_type":"","scores":[{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15029","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14905","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15045","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15009","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14972","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14913","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14812","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14819","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14876","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14914","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14918","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14861","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15101","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.14994","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.15988","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29400"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29400","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29400"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2196029","reference_id":"2196029","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2196029"},{"reference_url":"https://go.dev/cl/491617","reference_id":"491617","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-24T16:46:30Z/"}],"url":"https://go.dev/cl/491617"},{"reference_url":"https://go.dev/issue/59722","reference_id":"59722","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-24T16:46:30Z/"}],"url":"https://go.dev/issue/59722"},{"reference_url":"https://security.gentoo.org/glsa/202408-07","reference_id":"GLSA-202408-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-07"},{"reference_url":"https://pkg.go.dev/vuln/GO-2023-1753","reference_id":"GO-2023-1753","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-24T16:46:30Z/"}],"url":"https://pkg.go.dev/vuln/GO-2023-1753"},{"reference_url":"https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU","reference_id":"MEb0UyuSMsU","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-24T16:46:30Z/"}],"url":"https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3318","reference_id":"RHSA-2023:3318","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3318"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3319","reference_id":"RHSA-2023:3319","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3319"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3323","reference_id":"RHSA-2023:3323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3366","reference_id":"RHSA-2023:3366","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3366"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3367","reference_id":"RHSA-2023:3367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3415","reference_id":"RHSA-2023:3415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3435","reference_id":"RHSA-2023:3435","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3445","reference_id":"RHSA-2023:3445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3445"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3540","reference_id":"RHSA-2023:3540","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3540"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3905","reference_id":"RHSA-2023:3905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3918","reference_id":"RHSA-2023:3918","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3918"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4003","reference_id":"RHSA-2023:4003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4293","reference_id":"RHSA-2023:4293","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4293"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4335","reference_id":"RHSA-2023:4335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4459","reference_id":"RHSA-2023:4459","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4459"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4470","reference_id":"RHSA-2023:4470","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4470"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4472","reference_id":"RHSA-2023:4472","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4472"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4627","reference_id":"RHSA-2023:4627","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4627"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4657","reference_id":"RHSA-2023:4657","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4657"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4664","reference_id":"RHSA-2023:4664","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4664"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5947","reference_id":"RHSA-2023:5947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6346","reference_id":"RHSA-2023:6346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6363","reference_id":"RHSA-2023:6363","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6363"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6402","reference_id":"RHSA-2023:6402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6473","reference_id":"RHSA-2023:6473","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6473"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6474","reference_id":"RHSA-2023:6474","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6474"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6832","reference_id":"RHSA-2023:6832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6832"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6938","reference_id":"RHSA-2023:6938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6939","reference_id":"RHSA-2023:6939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2944","reference_id":"RHSA-2024:2944","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2944"},{"reference_url":"https://usn.ubuntu.com/6140-1/","reference_id":"USN-6140-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6140-1/"}],"fixed_packages":[],"aliases":["CVE-2023-29400"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jbd8-1tkr-4bb2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42115?format=json","vulnerability_id":"VCID-rh89-8td9-tudk","summary":"Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29406.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-29406.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29406","reference_id":"","reference_type":"","scores":[{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57019","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.56938","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57037","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57065","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57062","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.5704","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.56973","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.56992","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.56974","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57041","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57018","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57068","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.5707","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.57081","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00344","scoring_system":"epss","scoring_elements":"0.5706","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-29406"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29406","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29406"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2222167","reference_id":"2222167","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2222167"},{"reference_url":"https://groups.google.com/g/golang-announce/c/2q13H6LEEx0","reference_id":"2q13H6LEEx0","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-07T15:39:42Z/"}],"url":"https://groups.google.com/g/golang-announce/c/2q13H6LEEx0"},{"reference_url":"https://go.dev/cl/506996","reference_id":"506996","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-07T15:39:42Z/"}],"url":"https://go.dev/cl/506996"},{"reference_url":"https://go.dev/issue/60374","reference_id":"60374","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-07T15:39:42Z/"}],"url":"https://go.dev/issue/60374"},{"reference_url":"https://pkg.go.dev/vuln/GO-2023-1878","reference_id":"GO-2023-1878","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-07T15:39:42Z/"}],"url":"https://pkg.go.dev/vuln/GO-2023-1878"},{"reference_url":"https://security.netapp.com/advisory/ntap-20230814-0002/","reference_id":"ntap-20230814-0002","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-07T15:39:42Z/"}],"url":"https://security.netapp.com/advisory/ntap-20230814-0002/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5530","reference_id":"RHSA-2023:5530","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5530"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5541","reference_id":"RHSA-2023:5541","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5541"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5721","reference_id":"RHSA-2023:5721","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5738","reference_id":"RHSA-2023:5738","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5738"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5933","reference_id":"RHSA-2023:5933","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5933"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5935","reference_id":"RHSA-2023:5935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5935"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5947","reference_id":"RHSA-2023:5947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5965","reference_id":"RHSA-2023:5965","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5965"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5974","reference_id":"RHSA-2023:5974","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5974"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5976","reference_id":"RHSA-2023:5976","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6031","reference_id":"RHSA-2023:6031","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6115","reference_id":"RHSA-2023:6115","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6161","reference_id":"RHSA-2023:6161","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6161"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6296","reference_id":"RHSA-2023:6296","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6296"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6298","reference_id":"RHSA-2023:6298","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6298"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6346","reference_id":"RHSA-2023:6346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6363","reference_id":"RHSA-2023:6363","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6363"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6402","reference_id":"RHSA-2023:6402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6473","reference_id":"RHSA-2023:6473","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6473"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6474","reference_id":"RHSA-2023:6474","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6474"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6818","reference_id":"RHSA-2023:6818","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6840","reference_id":"RHSA-2023:6840","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6840"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6938","reference_id":"RHSA-2023:6938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6939","reference_id":"RHSA-2023:6939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7202","reference_id":"RHSA-2023:7202","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7202"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0293","reference_id":"RHSA-2024:0293","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0293"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1027","reference_id":"RHSA-2024:1027","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1027"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1383","reference_id":"RHSA-2024:1383","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1383"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1570","reference_id":"RHSA-2024:1570","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:1570"},{"reference_url":"https://usn.ubuntu.com/7061-1/","reference_id":"USN-7061-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7061-1/"},{"reference_url":"https://usn.ubuntu.com/7109-1/","reference_id":"USN-7109-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7109-1/"}],"fixed_packages":[],"aliases":["CVE-2023-29406"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rh89-8td9-tudk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/30836?format=json","vulnerability_id":"VCID-sdd3-35ng-g7a3","summary":"golang.org/x/net vulnerable to Uncontrolled Resource Consumption\nA maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41723.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41723.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41723","reference_id":"","reference_type":"","scores":[{"value":"0.00265","scoring_system":"epss","scoring_elements":"0.49857","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00265","scoring_system":"epss","scoring_elements":"0.49989","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00265","scoring_system":"epss","scoring_elements":"0.4994","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00265","scoring_system":"epss","scoring_elements":"0.49941","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50715","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50674","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50689","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50636","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50673","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50711","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50669","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50656","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50648","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50701","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00272","scoring_system":"epss","scoring_elements":"0.50721","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41723"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://go.dev/cl/468135","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:37Z/"}],"url":"https://go.dev/cl/468135"},{"reference_url":"https://go.dev/cl/468295","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:37Z/"}],"url":"https://go.dev/cl/468295"},{"reference_url":"https://go.dev/issue/57855","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:37Z/"}],"url":"https://go.dev/issue/57855"},{"reference_url":"https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:37Z/"}],"url":"https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-41723","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-41723"},{"reference_url":"https://pkg.go.dev/vuln/GO-2023-1571","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:37Z/"}],"url":"https://pkg.go.dev/vuln/GO-2023-1571"},{"reference_url":"https://security.gentoo.org/glsa/202311-09","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:37Z/"}],"url":"https://security.gentoo.org/glsa/202311-09"},{"reference_url":"https://vuln.go.dev/ID/GO-2023-1571.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://vuln.go.dev/ID/GO-2023-1571.json"},{"reference_url":"https://www.couchbase.com/alerts","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.couchbase.com/alerts"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2178358","reference_id":"2178358","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2178358"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/","reference_id":"4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:37Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/","reference_id":"4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:37Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4MA5XS5DAOJ5PKKNG5TUXKPQOFHT5VBC/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/","reference_id":"REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:37Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/","reference_id":"RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:37Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1325","reference_id":"RHSA-2023:1325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1326","reference_id":"RHSA-2023:1326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3083","reference_id":"RHSA-2023:3083","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3083"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3167","reference_id":"RHSA-2023:3167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3304","reference_id":"RHSA-2023:3304","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3305","reference_id":"RHSA-2023:3305","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3367","reference_id":"RHSA-2023:3367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3445","reference_id":"RHSA-2023:3445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3445"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3447","reference_id":"RHSA-2023:3447","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3447"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3450","reference_id":"RHSA-2023:3450","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3450"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3455","reference_id":"RHSA-2023:3455","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3455"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3495","reference_id":"RHSA-2023:3495","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3495"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3537","reference_id":"RHSA-2023:3537","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3612","reference_id":"RHSA-2023:3612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3614","reference_id":"RHSA-2023:3614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3742","reference_id":"RHSA-2023:3742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3918","reference_id":"RHSA-2023:3918","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3918"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3943","reference_id":"RHSA-2023:3943","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3943"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4003","reference_id":"RHSA-2023:4003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4090","reference_id":"RHSA-2023:4090","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4090"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4091","reference_id":"RHSA-2023:4091","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4091"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4112","reference_id":"RHSA-2023:4112","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4112"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4113","reference_id":"RHSA-2023:4113","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4113"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4225","reference_id":"RHSA-2023:4225","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4225"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4226","reference_id":"RHSA-2023:4226","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4226"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4293","reference_id":"RHSA-2023:4293","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4293"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4335","reference_id":"RHSA-2023:4335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4421","reference_id":"RHSA-2023:4421","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4421"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4456","reference_id":"RHSA-2023:4456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4603","reference_id":"RHSA-2023:4603","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4603"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4627","reference_id":"RHSA-2023:4627","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4627"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4664","reference_id":"RHSA-2023:4664","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4664"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4731","reference_id":"RHSA-2023:4731","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4731"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5006","reference_id":"RHSA-2023:5006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5007","reference_id":"RHSA-2023:5007","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5007"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5233","reference_id":"RHSA-2023:5233","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5233"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5314","reference_id":"RHSA-2023:5314","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5314"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5672","reference_id":"RHSA-2023:5672","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5672"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6235","reference_id":"RHSA-2023:6235","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6235"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6248","reference_id":"RHSA-2023:6248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6346","reference_id":"RHSA-2023:6346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6363","reference_id":"RHSA-2023:6363","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6363"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6402","reference_id":"RHSA-2023:6402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6473","reference_id":"RHSA-2023:6473","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6473"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6474","reference_id":"RHSA-2023:6474","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6474"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6832","reference_id":"RHSA-2023:6832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6832"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6938","reference_id":"RHSA-2023:6938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6939","reference_id":"RHSA-2023:6939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7058","reference_id":"RHSA-2023:7058","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7058"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7823","reference_id":"RHSA-2023:7823","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7823"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0198","reference_id":"RHSA-2024:0198","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0198"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0485","reference_id":"RHSA-2024:0485","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0485"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0948","reference_id":"RHSA-2024:0948","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0948"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2944","reference_id":"RHSA-2024:2944","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2944"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3494","reference_id":"RHSA-2024:3494","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:3494"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4677","reference_id":"RHSA-2024:4677","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4677"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:1116","reference_id":"RHSA-2025:1116","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:1116"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/","reference_id":"RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:37Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RLBQ3A7ROLEQXQLXFDLNJ7MYPKG5GULE/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/","reference_id":"T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:37Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/"},{"reference_url":"https://usn.ubuntu.com/7109-1/","reference_id":"USN-7109-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7109-1/"},{"reference_url":"https://usn.ubuntu.com/7111-1/","reference_id":"USN-7111-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7111-1/"},{"reference_url":"https://usn.ubuntu.com/8089-1/","reference_id":"USN-8089-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8089-1/"},{"reference_url":"https://usn.ubuntu.com/8089-2/","reference_id":"USN-8089-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8089-2/"},{"reference_url":"https://usn.ubuntu.com/8089-3/","reference_id":"USN-8089-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8089-3/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/","reference_id":"XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-23T13:26:37Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/"}],"fixed_packages":[],"aliases":["CVE-2022-41723","GHSA-vvpx-j8f3-3w6h"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sdd3-35ng-g7a3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/52605?format=json","vulnerability_id":"VCID-tn6y-xfkz-83e4","summary":"yaml package for Go can consume excessive amounts of CPU or memory\nParsing malicious or large YAML documents can consume excessive amounts of CPU or memory","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3064.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3064.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3064","reference_id":"","reference_type":"","scores":[{"value":"0.0201","scoring_system":"epss","scoring_elements":"0.83734","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0201","scoring_system":"epss","scoring_elements":"0.83758","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02223","scoring_system":"epss","scoring_elements":"0.84568","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02223","scoring_system":"epss","scoring_elements":"0.84454","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02223","scoring_system":"epss","scoring_elements":"0.84532","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02223","scoring_system":"epss","scoring_elements":"0.84511","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02223","scoring_system":"epss","scoring_elements":"0.84516","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02223","scoring_system":"epss","scoring_elements":"0.84521","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02223","scoring_system":"epss","scoring_elements":"0.84502","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02223","scoring_system":"epss","scoring_elements":"0.84496","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02223","scoring_system":"epss","scoring_elements":"0.84475","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02223","scoring_system":"epss","scoring_elements":"0.84473","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02364","scoring_system":"epss","scoring_elements":"0.85007","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02364","scoring_system":"epss","scoring_elements":"0.8499","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3064"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3064","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3064"},{"reference_url":"https://github.com/go-yaml/yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/go-yaml/yaml"},{"reference_url":"https://github.com/go-yaml/yaml/commit/f221b8435cfb71e54062f6c6e99e9ade30b124d5","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:03:22Z/"}],"url":"https://github.com/go-yaml/yaml/commit/f221b8435cfb71e54062f6c6e99e9ade30b124d5"},{"reference_url":"https://github.com/go-yaml/yaml/releases/tag/v2.2.4","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:03:22Z/"}],"url":"https://github.com/go-yaml/yaml/releases/tag/v2.2.4"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/07/msg00001.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:03:22Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/07/msg00001.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SBIUECMLNC572P23DDOKJNKPJVX26SP","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SBIUECMLNC572P23DDOKJNKPJVX26SP"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3064","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-3064"},{"reference_url":"https://pkg.go.dev/vuln/GO-2022-0956","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:03:22Z/"}],"url":"https://pkg.go.dev/vuln/GO-2022-0956"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2163037","reference_id":"2163037","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2163037"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SBIUECMLNC572P23DDOKJNKPJVX26SP/","reference_id":"4SBIUECMLNC572P23DDOKJNKPJVX26SP","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:03:22Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4SBIUECMLNC572P23DDOKJNKPJVX26SP/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG/","reference_id":"ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:03:22Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC/","reference_id":"LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:03:22Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT/","reference_id":"PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:03:22Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3XC47AUW5J5M2ULJX7WCCL3B2ETLMT/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0698","reference_id":"RHSA-2023:0698","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0698"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0778","reference_id":"RHSA-2023:0778","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0778"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0802","reference_id":"RHSA-2023:0802","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0802"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0803","reference_id":"RHSA-2023:0803","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0803"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0804","reference_id":"RHSA-2023:0804","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0804"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0899","reference_id":"RHSA-2023:0899","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0899"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1014","reference_id":"RHSA-2023:1014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1275","reference_id":"RHSA-2023:1275","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1275"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2111","reference_id":"RHSA-2023:2111","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2111"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2695","reference_id":"RHSA-2023:2695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2695"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3218","reference_id":"RHSA-2023:3218","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3218"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5006","reference_id":"RHSA-2023:5006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6346","reference_id":"RHSA-2023:6346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6938","reference_id":"RHSA-2023:6938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6939","reference_id":"RHSA-2023:6939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10759","reference_id":"RHSA-2024:10759","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10759"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10784","reference_id":"RHSA-2024:10784","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:10784"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4443","reference_id":"RHSA-2024:4443","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4443"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:4631","reference_id":"RHSA-2024:4631","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:4631"},{"reference_url":"https://usn.ubuntu.com/6287-1/","reference_id":"USN-6287-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6287-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE/","reference_id":"XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:03:22Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI/","reference_id":"ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-14T17:03:22Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI/"}],"fixed_packages":[],"aliases":["CVE-2022-3064","GHSA-6q6q-88xp-6f2r"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tn6y-xfkz-83e4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/48742?format=json","vulnerability_id":"VCID-uvxd-979q-ybdy","summary":"Multiple vulnerabilities have been discovered in Go, the worst of which could lead to information leakage or a denial of service.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24539.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24539.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-24539","reference_id":"","reference_type":"","scores":[{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.2049","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20276","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20415","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20445","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.204","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20345","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20334","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20336","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20332","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20206","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20201","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20167","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20548","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20357","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21331","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-24539"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24539","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24539"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2196026","reference_id":"2196026","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2196026"},{"reference_url":"https://go.dev/cl/491615","reference_id":"491615","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-24T16:39:35Z/"}],"url":"https://go.dev/cl/491615"},{"reference_url":"https://go.dev/issue/59720","reference_id":"59720","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-24T16:39:35Z/"}],"url":"https://go.dev/issue/59720"},{"reference_url":"https://security.gentoo.org/glsa/202408-07","reference_id":"GLSA-202408-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-07"},{"reference_url":"https://pkg.go.dev/vuln/GO-2023-1751","reference_id":"GO-2023-1751","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-24T16:39:35Z/"}],"url":"https://pkg.go.dev/vuln/GO-2023-1751"},{"reference_url":"https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU","reference_id":"MEb0UyuSMsU","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-24T16:39:35Z/"}],"url":"https://groups.google.com/g/golang-announce/c/MEb0UyuSMsU"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3318","reference_id":"RHSA-2023:3318","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3318"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3319","reference_id":"RHSA-2023:3319","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3319"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3323","reference_id":"RHSA-2023:3323","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3323"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3366","reference_id":"RHSA-2023:3366","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3366"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3367","reference_id":"RHSA-2023:3367","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3367"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3415","reference_id":"RHSA-2023:3415","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3415"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3435","reference_id":"RHSA-2023:3435","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3445","reference_id":"RHSA-2023:3445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3445"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3540","reference_id":"RHSA-2023:3540","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3540"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3905","reference_id":"RHSA-2023:3905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3918","reference_id":"RHSA-2023:3918","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3918"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4003","reference_id":"RHSA-2023:4003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4293","reference_id":"RHSA-2023:4293","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4293"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4335","reference_id":"RHSA-2023:4335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4459","reference_id":"RHSA-2023:4459","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4459"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4470","reference_id":"RHSA-2023:4470","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4470"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4472","reference_id":"RHSA-2023:4472","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4472"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4627","reference_id":"RHSA-2023:4627","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4627"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4657","reference_id":"RHSA-2023:4657","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4657"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4664","reference_id":"RHSA-2023:4664","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4664"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5947","reference_id":"RHSA-2023:5947","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5947"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6346","reference_id":"RHSA-2023:6346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6363","reference_id":"RHSA-2023:6363","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6363"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6402","reference_id":"RHSA-2023:6402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6473","reference_id":"RHSA-2023:6473","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6473"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6474","reference_id":"RHSA-2023:6474","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6474"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6832","reference_id":"RHSA-2023:6832","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6832"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6938","reference_id":"RHSA-2023:6938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6939","reference_id":"RHSA-2023:6939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2944","reference_id":"RHSA-2024:2944","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2944"},{"reference_url":"https://usn.ubuntu.com/6140-1/","reference_id":"USN-6140-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6140-1/"}],"fixed_packages":[],"aliases":["CVE-2023-24539"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uvxd-979q-ybdy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/42104?format=json","vulnerability_id":"VCID-zg2y-sb18-p3ah","summary":"Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41725.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41725.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41725","reference_id":"","reference_type":"","scores":[{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20262","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.19854","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20099","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20103","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.201","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.19983","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.19978","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.19949","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20321","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20045","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20126","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20183","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20208","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20164","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00065","scoring_system":"epss","scoring_elements":"0.20106","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-41725"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41725","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41725"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2178488","reference_id":"2178488","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2178488"},{"reference_url":"https://go.dev/cl/468124","reference_id":"468124","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-07T17:57:52Z/"}],"url":"https://go.dev/cl/468124"},{"reference_url":"https://go.dev/issue/58006","reference_id":"58006","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-07T17:57:52Z/"}],"url":"https://go.dev/issue/58006"},{"reference_url":"https://pkg.go.dev/vuln/GO-2023-1569","reference_id":"GO-2023-1569","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-07T17:57:52Z/"}],"url":"https://pkg.go.dev/vuln/GO-2023-1569"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0584","reference_id":"RHSA-2023:0584","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0584"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1325","reference_id":"RHSA-2023:1325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1326","reference_id":"RHSA-2023:1326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1639","reference_id":"RHSA-2023:1639","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1639"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1817","reference_id":"RHSA-2023:1817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2107","reference_id":"RHSA-2023:2107","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2107"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3083","reference_id":"RHSA-2023:3083","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3083"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3167","reference_id":"RHSA-2023:3167","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3445","reference_id":"RHSA-2023:3445","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3445"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3450","reference_id":"RHSA-2023:3450","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3450"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3455","reference_id":"RHSA-2023:3455","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3455"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3612","reference_id":"RHSA-2023:3612","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3612"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:3742","reference_id":"RHSA-2023:3742","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:3742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4003","reference_id":"RHSA-2023:4003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4335","reference_id":"RHSA-2023:4335","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4335"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4470","reference_id":"RHSA-2023:4470","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4470"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:4627","reference_id":"RHSA-2023:4627","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:4627"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5935","reference_id":"RHSA-2023:5935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5935"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:5964","reference_id":"RHSA-2023:5964","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:5964"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6346","reference_id":"RHSA-2023:6346","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6363","reference_id":"RHSA-2023:6363","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6363"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6402","reference_id":"RHSA-2023:6402","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6402"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6473","reference_id":"RHSA-2023:6473","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6473"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6474","reference_id":"RHSA-2023:6474","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6474"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6817","reference_id":"RHSA-2023:6817","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6817"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6938","reference_id":"RHSA-2023:6938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6939","reference_id":"RHSA-2023:6939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7672","reference_id":"RHSA-2023:7672","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7672"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2944","reference_id":"RHSA-2024:2944","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2944"},{"reference_url":"https://usn.ubuntu.com/6140-1/","reference_id":"USN-6140-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6140-1/"},{"reference_url":"https://usn.ubuntu.com/7109-1/","reference_id":"USN-7109-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7109-1/"},{"reference_url":"https://usn.ubuntu.com/7111-1/","reference_id":"USN-7111-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7111-1/"}],"fixed_packages":[],"aliases":["CVE-2022-41725"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zg2y-sb18-p3ah"}],"fixing_vulnerabilities":[],"risk_score":"4.4","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/toolbox@0.0.99.4-6%3Farch=el9_3"}