Package Instance

HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/packages/96383?format=api",
    "purl": "pkg:rpm/redhat/runc@4:1.1.9-1?arch=el9",
    "type": "rpm",
    "namespace": "redhat",
    "name": "runc",
    "version": "4:1.1.9-1",
    "qualifiers": {
        "arch": "el9"
    },
    "subpath": "",
    "is_vulnerable": true,
    "next_non_vulnerable_version": null,
    "latest_non_vulnerable_version": null,
    "affected_by_vulnerabilities": [
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/42103?format=api",
            "vulnerability_id": "VCID-e44x-a9xm-6ke9",
            "summary": "Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution.",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41724.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-41724.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41724",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.0002",
                            "scoring_system": "epss",
                            "scoring_elements": "0.05209",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.0002",
                            "scoring_system": "epss",
                            "scoring_elements": "0.05779",
                            "published_at": "2026-05-14T12:55:00Z"
                        },
                        {
                            "value": "0.0002",
                            "scoring_system": "epss",
                            "scoring_elements": "0.05439",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.0002",
                            "scoring_system": "epss",
                            "scoring_elements": "0.05432",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.0002",
                            "scoring_system": "epss",
                            "scoring_elements": "0.05476",
                            "published_at": "2026-05-07T12:55:00Z"
                        },
                        {
                            "value": "0.0002",
                            "scoring_system": "epss",
                            "scoring_elements": "0.05551",
                            "published_at": "2026-05-09T12:55:00Z"
                        },
                        {
                            "value": "0.0002",
                            "scoring_system": "epss",
                            "scoring_elements": "0.0556",
                            "published_at": "2026-05-11T12:55:00Z"
                        },
                        {
                            "value": "0.0002",
                            "scoring_system": "epss",
                            "scoring_elements": "0.05773",
                            "published_at": "2026-05-12T12:55:00Z"
                        },
                        {
                            "value": "0.0002",
                            "scoring_system": "epss",
                            "scoring_elements": "0.05239",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.0002",
                            "scoring_system": "epss",
                            "scoring_elements": "0.05264",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.0002",
                            "scoring_system": "epss",
                            "scoring_elements": "0.05299",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.0002",
                            "scoring_system": "epss",
                            "scoring_elements": "0.0532",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.0002",
                            "scoring_system": "epss",
                            "scoring_elements": "0.05285",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.0002",
                            "scoring_system": "epss",
                            "scoring_elements": "0.05271",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.0002",
                            "scoring_system": "epss",
                            "scoring_elements": "0.05257",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.0002",
                            "scoring_system": "epss",
                            "scoring_elements": "0.05201",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.0002",
                            "scoring_system": "epss",
                            "scoring_elements": "0.05203",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.0002",
                            "scoring_system": "epss",
                            "scoring_elements": "0.05358",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.0002",
                            "scoring_system": "epss",
                            "scoring_elements": "0.05396",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.0002",
                            "scoring_system": "epss",
                            "scoring_elements": "0.05438",
                            "published_at": "2026-04-26T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-41724"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41724",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41724"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178492",
                    "reference_id": "2178492",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178492"
                },
                {
                    "reference_url": "https://go.dev/cl/468125",
                    "reference_id": "468125",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-07T17:56:50Z/"
                        }
                    ],
                    "url": "https://go.dev/cl/468125"
                },
                {
                    "reference_url": "https://go.dev/issue/58001",
                    "reference_id": "58001",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-07T17:56:50Z/"
                        }
                    ],
                    "url": "https://go.dev/issue/58001"
                },
                {
                    "reference_url": "https://pkg.go.dev/vuln/GO-2023-1570",
                    "reference_id": "GO-2023-1570",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-07T17:56:50Z/"
                        }
                    ],
                    "url": "https://pkg.go.dev/vuln/GO-2023-1570"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:0584",
                    "reference_id": "RHSA-2023:0584",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:0584"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:1325",
                    "reference_id": "RHSA-2023:1325",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:1325"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:1326",
                    "reference_id": "RHSA-2023:1326",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:1326"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:1329",
                    "reference_id": "RHSA-2023:1329",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:1329"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:1639",
                    "reference_id": "RHSA-2023:1639",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:1639"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:1817",
                    "reference_id": "RHSA-2023:1817",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:1817"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:2107",
                    "reference_id": "RHSA-2023:2107",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:2107"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:3083",
                    "reference_id": "RHSA-2023:3083",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:3083"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:3167",
                    "reference_id": "RHSA-2023:3167",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:3167"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:3303",
                    "reference_id": "RHSA-2023:3303",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:3303"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:3366",
                    "reference_id": "RHSA-2023:3366",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:3366"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:3445",
                    "reference_id": "RHSA-2023:3445",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:3445"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:3450",
                    "reference_id": "RHSA-2023:3450",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:3450"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:3455",
                    "reference_id": "RHSA-2023:3455",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:3455"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:3612",
                    "reference_id": "RHSA-2023:3612",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:3612"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:3742",
                    "reference_id": "RHSA-2023:3742",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:3742"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:4003",
                    "reference_id": "RHSA-2023:4003",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:4003"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:4335",
                    "reference_id": "RHSA-2023:4335",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:4335"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:4470",
                    "reference_id": "RHSA-2023:4470",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:4470"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:4627",
                    "reference_id": "RHSA-2023:4627",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:4627"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:5935",
                    "reference_id": "RHSA-2023:5935",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:5935"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:5964",
                    "reference_id": "RHSA-2023:5964",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:5964"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:5976",
                    "reference_id": "RHSA-2023:5976",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:5976"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:6363",
                    "reference_id": "RHSA-2023:6363",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:6363"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:6380",
                    "reference_id": "RHSA-2023:6380",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:6380"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:6402",
                    "reference_id": "RHSA-2023:6402",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:6402"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:6473",
                    "reference_id": "RHSA-2023:6473",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:6473"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:6474",
                    "reference_id": "RHSA-2023:6474",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:6474"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:6817",
                    "reference_id": "RHSA-2023:6817",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:6817"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:6938",
                    "reference_id": "RHSA-2023:6938",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:6938"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:6939",
                    "reference_id": "RHSA-2023:6939",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:6939"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:7672",
                    "reference_id": "RHSA-2023:7672",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:7672"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2024:2944",
                    "reference_id": "RHSA-2024:2944",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2024:2944"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/6140-1/",
                    "reference_id": "USN-6140-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/6140-1/"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/7109-1/",
                    "reference_id": "USN-7109-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/7109-1/"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/7111-1/",
                    "reference_id": "USN-7111-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/7111-1/"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "CVE-2022-41724"
            ],
            "risk_score": 3.4,
            "exploitability": "0.5",
            "weighted_severity": "6.8",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e44x-a9xm-6ke9"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31817?format=api",
            "vulnerability_id": "VCID-jc1e-8tt4-xqdn",
            "summary": "Opencontainers runc Incorrect Authorization vulnerability\nrunc 1.0.0-rc95 through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to `libcontainer/rootfs_linux.go`. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. NOTE: this issue exists because of a CVE-2019-19921 regression.",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27561.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.0",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27561.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27561",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00146",
                            "scoring_system": "epss",
                            "scoring_elements": "0.34645",
                            "published_at": "2026-05-14T12:55:00Z"
                        },
                        {
                            "value": "0.00146",
                            "scoring_system": "epss",
                            "scoring_elements": "0.34577",
                            "published_at": "2026-05-12T12:55:00Z"
                        },
                        {
                            "value": "0.00146",
                            "scoring_system": "epss",
                            "scoring_elements": "0.35118",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.00146",
                            "scoring_system": "epss",
                            "scoring_elements": "0.35099",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.00146",
                            "scoring_system": "epss",
                            "scoring_elements": "0.35095",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00146",
                            "scoring_system": "epss",
                            "scoring_elements": "0.35147",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.00146",
                            "scoring_system": "epss",
                            "scoring_elements": "0.35025",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00146",
                            "scoring_system": "epss",
                            "scoring_elements": "0.35069",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00146",
                            "scoring_system": "epss",
                            "scoring_elements": "0.34552",
                            "published_at": "2026-05-11T12:55:00Z"
                        },
                        {
                            "value": "0.00146",
                            "scoring_system": "epss",
                            "scoring_elements": "0.34654",
                            "published_at": "2026-05-09T12:55:00Z"
                        },
                        {
                            "value": "0.00146",
                            "scoring_system": "epss",
                            "scoring_elements": "0.34617",
                            "published_at": "2026-05-07T12:55:00Z"
                        },
                        {
                            "value": "0.00146",
                            "scoring_system": "epss",
                            "scoring_elements": "0.34545",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.00146",
                            "scoring_system": "epss",
                            "scoring_elements": "0.34675",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.00146",
                            "scoring_system": "epss",
                            "scoring_elements": "0.34767",
                            "published_at": "2026-04-26T12:55:00Z"
                        },
                        {
                            "value": "0.00146",
                            "scoring_system": "epss",
                            "scoring_elements": "0.34785",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.00146",
                            "scoring_system": "epss",
                            "scoring_elements": "0.35018",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.00146",
                            "scoring_system": "epss",
                            "scoring_elements": "0.35064",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.00146",
                            "scoring_system": "epss",
                            "scoring_elements": "0.35079",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00146",
                            "scoring_system": "epss",
                            "scoring_elements": "0.3504",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00146",
                            "scoring_system": "epss",
                            "scoring_elements": "0.35065",
                            "published_at": "2026-04-12T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-27561"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27561",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27561"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "7.0",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T04:00:21Z/"
                        }
                    ],
                    "url": "https://gist.github.com/LiveOverflow/c937820b688922eb127fb760ce06dab9"
                },
                {
                    "reference_url": "https://github.com/opencontainers/runc",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.0",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/opencontainers/runc"
                },
                {
                    "reference_url": "https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "7.0",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T04:00:21Z/"
                        }
                    ],
                    "url": "https://github.com/opencontainers/runc/issues/2197#issuecomment-1437617334"
                },
                {
                    "reference_url": "https://github.com/opencontainers/runc/issues/3751",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "7.0",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T04:00:21Z/"
                        }
                    ],
                    "url": "https://github.com/opencontainers/runc/issues/3751"
                },
                {
                    "reference_url": "https://github.com/opencontainers/runc/pull/3785",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.0",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/opencontainers/runc/pull/3785"
                },
                {
                    "reference_url": "https://github.com/opencontainers/runc/releases/tag/v1.1.5",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.0",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/opencontainers/runc/releases/tag/v1.1.5"
                },
                {
                    "reference_url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "7.0",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T04:00:21Z/"
                        }
                    ],
                    "url": "https://lists.debian.org/debian-lts-announce/2023/03/msg00023.html"
                },
                {
                    "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ANUGDBJ7NBUMSUFZUSKU3ZMQYZ2Z3STN",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.0",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ANUGDBJ7NBUMSUFZUSKU3ZMQYZ2Z3STN"
                },
                {
                    "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.0",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF"
                },
                {
                    "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNB2UEDIIJCRQW4WJLZOPQJZXCVSXMLD",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.0",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNB2UEDIIJCRQW4WJLZOPQJZXCVSXMLD"
                },
                {
                    "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.0",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5"
                },
                {
                    "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.0",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ"
                },
                {
                    "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANUGDBJ7NBUMSUFZUSKU3ZMQYZ2Z3STN",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.0",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANUGDBJ7NBUMSUFZUSKU3ZMQYZ2Z3STN"
                },
                {
                    "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.0",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF"
                },
                {
                    "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNB2UEDIIJCRQW4WJLZOPQJZXCVSXMLD",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.0",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FNB2UEDIIJCRQW4WJLZOPQJZXCVSXMLD"
                },
                {
                    "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.0",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5"
                },
                {
                    "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.0",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27561",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.0",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-27561"
                },
                {
                    "reference_url": "https://security.netapp.com/advisory/ntap-20241206-0004",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.0",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.netapp.com/advisory/ntap-20241206-0004"
                },
                {
                    "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033520",
                    "reference_id": "1033520",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1033520"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175721",
                    "reference_id": "2175721",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2175721"
                },
                {
                    "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ANUGDBJ7NBUMSUFZUSKU3ZMQYZ2Z3STN/",
                    "reference_id": "ANUGDBJ7NBUMSUFZUSKU3ZMQYZ2Z3STN",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T04:00:21Z/"
                        }
                    ],
                    "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ANUGDBJ7NBUMSUFZUSKU3ZMQYZ2Z3STN/"
                },
                {
                    "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF/",
                    "reference_id": "DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T04:00:21Z/"
                        }
                    ],
                    "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DHGVGGMKGZSJ7YO67TGGPFEHBYMS63VF/"
                },
                {
                    "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNB2UEDIIJCRQW4WJLZOPQJZXCVSXMLD/",
                    "reference_id": "FNB2UEDIIJCRQW4WJLZOPQJZXCVSXMLD",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T04:00:21Z/"
                        }
                    ],
                    "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNB2UEDIIJCRQW4WJLZOPQJZXCVSXMLD/"
                },
                {
                    "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5/",
                    "reference_id": "FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T04:00:21Z/"
                        }
                    ],
                    "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FYVE3GB4OG3BNT5DLQHYO4M5SXX33AQ5/"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/202408-25",
                    "reference_id": "GLSA-202408-25",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.gentoo.org/glsa/202408-25"
                },
                {
                    "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ/",
                    "reference_id": "I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T04:00:21Z/"
                        }
                    ],
                    "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/I6BF24VCZRFTYBTT3T7HDZUOTKOTNPLZ/"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:1326",
                    "reference_id": "RHSA-2023:1326",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:1326"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:3612",
                    "reference_id": "RHSA-2023:3612",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:3612"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:5006",
                    "reference_id": "RHSA-2023:5006",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:5006"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:6380",
                    "reference_id": "RHSA-2023:6380",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:6380"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:6938",
                    "reference_id": "RHSA-2023:6938",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:6938"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:6939",
                    "reference_id": "RHSA-2023:6939",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:6939"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/6088-1/",
                    "reference_id": "USN-6088-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/6088-1/"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/6088-2/",
                    "reference_id": "USN-6088-2",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/6088-2/"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "CVE-2023-27561",
                "GHSA-vpvm-3wq2-2wvm"
            ],
            "risk_score": 4.0,
            "exploitability": "0.5",
            "weighted_severity": "8.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jc1e-8tt4-xqdn"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/31360?format=api",
            "vulnerability_id": "VCID-seds-dzew-jyfs",
            "summary": "runc AppArmor bypass with symlinked /proc\n### Impact\nIt was found that AppArmor, and potentially SELinux, can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration.\n\n### Patches\nFixed in runc v1.1.5, by prohibiting symlinked `/proc`: https://github.com/opencontainers/runc/pull/3785\n\nThis PR fixes CVE-2023-27561 as well.\n\n### Workarounds\nAvoid using an untrusted container image.",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28642.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "7.8",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28642.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28642",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00011",
                            "scoring_system": "epss",
                            "scoring_elements": "0.01328",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.00012",
                            "scoring_system": "epss",
                            "scoring_elements": "0.01813",
                            "published_at": "2026-05-14T12:55:00Z"
                        },
                        {
                            "value": "0.00012",
                            "scoring_system": "epss",
                            "scoring_elements": "0.01752",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.00012",
                            "scoring_system": "epss",
                            "scoring_elements": "0.0175",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00012",
                            "scoring_system": "epss",
                            "scoring_elements": "0.01739",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.00012",
                            "scoring_system": "epss",
                            "scoring_elements": "0.0174",
                            "published_at": "2026-04-18T12:55:00Z"
                        },
                        {
                            "value": "0.00012",
                            "scoring_system": "epss",
                            "scoring_elements": "0.01825",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.00012",
                            "scoring_system": "epss",
                            "scoring_elements": "0.01815",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.00012",
                            "scoring_system": "epss",
                            "scoring_elements": "0.01811",
                            "published_at": "2026-04-26T12:55:00Z"
                        },
                        {
                            "value": "0.00012",
                            "scoring_system": "epss",
                            "scoring_elements": "0.01857",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.00012",
                            "scoring_system": "epss",
                            "scoring_elements": "0.01817",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.00012",
                            "scoring_system": "epss",
                            "scoring_elements": "0.01804",
                            "published_at": "2026-05-07T12:55:00Z"
                        },
                        {
                            "value": "0.00012",
                            "scoring_system": "epss",
                            "scoring_elements": "0.01822",
                            "published_at": "2026-05-09T12:55:00Z"
                        },
                        {
                            "value": "0.00012",
                            "scoring_system": "epss",
                            "scoring_elements": "0.01826",
                            "published_at": "2026-05-11T12:55:00Z"
                        },
                        {
                            "value": "0.00012",
                            "scoring_system": "epss",
                            "scoring_elements": "0.01805",
                            "published_at": "2026-05-12T12:55:00Z"
                        },
                        {
                            "value": "0.00012",
                            "scoring_system": "epss",
                            "scoring_elements": "0.01755",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00012",
                            "scoring_system": "epss",
                            "scoring_elements": "0.01759",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00012",
                            "scoring_system": "epss",
                            "scoring_elements": "0.01767",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00012",
                            "scoring_system": "epss",
                            "scoring_elements": "0.01762",
                            "published_at": "2026-04-11T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-28642"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28642",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28642"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://github.com/opencontainers/runc",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/opencontainers/runc"
                },
                {
                    "reference_url": "https://github.com/opencontainers/runc/pull/3785",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T16:02:47Z/"
                        }
                    ],
                    "url": "https://github.com/opencontainers/runc/pull/3785"
                },
                {
                    "reference_url": "https://github.com/opencontainers/runc/security/advisories/GHSA-g2j6-57v7-gm8c",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T16:02:47Z/"
                        }
                    ],
                    "url": "https://github.com/opencontainers/runc/security/advisories/GHSA-g2j6-57v7-gm8c"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28642",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28642"
                },
                {
                    "reference_url": "https://security.netapp.com/advisory/ntap-20241206-0005",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.1",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://security.netapp.com/advisory/ntap-20241206-0005"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182883",
                    "reference_id": "2182883",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182883"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/202408-25",
                    "reference_id": "GLSA-202408-25",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.gentoo.org/glsa/202408-25"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:1326",
                    "reference_id": "RHSA-2023:1326",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:1326"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:6380",
                    "reference_id": "RHSA-2023:6380",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:6380"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:6938",
                    "reference_id": "RHSA-2023:6938",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:6938"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:6939",
                    "reference_id": "RHSA-2023:6939",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:6939"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2024:0564",
                    "reference_id": "RHSA-2024:0564",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2024:0564"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/6088-1/",
                    "reference_id": "USN-6088-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/6088-1/"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/6088-2/",
                    "reference_id": "USN-6088-2",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/6088-2/"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "CVE-2023-28642",
                "GHSA-g2j6-57v7-gm8c"
            ],
            "risk_score": 3.5,
            "exploitability": "0.5",
            "weighted_severity": "7.0",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-seds-dzew-jyfs"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30928?format=api",
            "vulnerability_id": "VCID-v2ys-xbn5-guh4",
            "summary": "rootless: `/sys/fs/cgroup` is writable when cgroupns isn't unshared in runc\n### Impact\nIt was found that rootless runc makes `/sys/fs/cgroup` writable in following conditons:\n1. when runc is executed inside the user namespace, and the `config.json` does not specify the cgroup namespace to be unshared (e.g.., `(docker|podman|nerdctl) run --cgroupns=host`, with Rootless Docker/Podman/nerdctl)\n2. or, when runc is executed outside the user namespace, and `/sys` is mounted with `rbind, ro` (e.g., `runc spec --rootless`; this condition is very rare)\n\nA container may gain the write access to user-owned cgroup hierarchy `/sys/fs/cgroup/user.slice/...` on the host .\nOther users's cgroup hierarchies are not affected.\n\n### Patches\nv1.1.5 (planned)\n\n### Workarounds\n- Condition 1: Unshare the cgroup namespace (`(docker|podman|nerdctl) run --cgroupns=private)`. This is the default behavior of Docker/Podman/nerdctl on cgroup v2 hosts.\n- Condition 2 (very rare): add `/sys/fs/cgroup` to `maskedPaths`",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25809.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.3",
                            "scoring_system": "cvssv3",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L"
                        }
                    ],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-25809.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25809",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00034",
                            "scoring_system": "epss",
                            "scoring_elements": "0.10115",
                            "published_at": "2026-04-13T12:55:00Z"
                        },
                        {
                            "value": "0.00034",
                            "scoring_system": "epss",
                            "scoring_elements": "0.10136",
                            "published_at": "2026-04-12T12:55:00Z"
                        },
                        {
                            "value": "0.00034",
                            "scoring_system": "epss",
                            "scoring_elements": "0.10176",
                            "published_at": "2026-04-11T12:55:00Z"
                        },
                        {
                            "value": "0.00034",
                            "scoring_system": "epss",
                            "scoring_elements": "0.10045",
                            "published_at": "2026-04-02T12:55:00Z"
                        },
                        {
                            "value": "0.00034",
                            "scoring_system": "epss",
                            "scoring_elements": "0.10077",
                            "published_at": "2026-04-08T12:55:00Z"
                        },
                        {
                            "value": "0.00034",
                            "scoring_system": "epss",
                            "scoring_elements": "0.10001",
                            "published_at": "2026-04-07T12:55:00Z"
                        },
                        {
                            "value": "0.00034",
                            "scoring_system": "epss",
                            "scoring_elements": "0.10103",
                            "published_at": "2026-04-04T12:55:00Z"
                        },
                        {
                            "value": "0.00034",
                            "scoring_system": "epss",
                            "scoring_elements": "0.10138",
                            "published_at": "2026-04-09T12:55:00Z"
                        },
                        {
                            "value": "0.00037",
                            "scoring_system": "epss",
                            "scoring_elements": "0.11003",
                            "published_at": "2026-05-14T12:55:00Z"
                        },
                        {
                            "value": "0.00037",
                            "scoring_system": "epss",
                            "scoring_elements": "0.10769",
                            "published_at": "2026-04-29T12:55:00Z"
                        },
                        {
                            "value": "0.00037",
                            "scoring_system": "epss",
                            "scoring_elements": "0.10712",
                            "published_at": "2026-05-05T12:55:00Z"
                        },
                        {
                            "value": "0.00037",
                            "scoring_system": "epss",
                            "scoring_elements": "0.10847",
                            "published_at": "2026-05-07T12:55:00Z"
                        },
                        {
                            "value": "0.00037",
                            "scoring_system": "epss",
                            "scoring_elements": "0.1092",
                            "published_at": "2026-05-09T12:55:00Z"
                        },
                        {
                            "value": "0.00037",
                            "scoring_system": "epss",
                            "scoring_elements": "0.10905",
                            "published_at": "2026-05-11T12:55:00Z"
                        },
                        {
                            "value": "0.00037",
                            "scoring_system": "epss",
                            "scoring_elements": "0.10951",
                            "published_at": "2026-05-12T12:55:00Z"
                        },
                        {
                            "value": "0.0004",
                            "scoring_system": "epss",
                            "scoring_elements": "0.1195",
                            "published_at": "2026-04-16T12:55:00Z"
                        },
                        {
                            "value": "0.0004",
                            "scoring_system": "epss",
                            "scoring_elements": "0.12007",
                            "published_at": "2026-04-26T12:55:00Z"
                        },
                        {
                            "value": "0.0004",
                            "scoring_system": "epss",
                            "scoring_elements": "0.12039",
                            "published_at": "2026-04-24T12:55:00Z"
                        },
                        {
                            "value": "0.0004",
                            "scoring_system": "epss",
                            "scoring_elements": "0.12063",
                            "published_at": "2026-04-21T12:55:00Z"
                        },
                        {
                            "value": "0.0004",
                            "scoring_system": "epss",
                            "scoring_elements": "0.11946",
                            "published_at": "2026-04-18T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-25809"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25809",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25809"
                },
                {
                    "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L"
                        }
                    ],
                    "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"
                },
                {
                    "reference_url": "https://github.com/opencontainers/runc",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L"
                        },
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/opencontainers/runc"
                },
                {
                    "reference_url": "https://github.com/opencontainers/runc/commit/0d62b950e60f6980b54fe3bafd9a9c608dc1df17",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L"
                        },
                        {
                            "value": "5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L"
                        },
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T16:02:19Z/"
                        }
                    ],
                    "url": "https://github.com/opencontainers/runc/commit/0d62b950e60f6980b54fe3bafd9a9c608dc1df17"
                },
                {
                    "reference_url": "https://github.com/opencontainers/runc/security/advisories/GHSA-m8cg-xc2p-r3fc",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L"
                        },
                        {
                            "value": "5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:L"
                        },
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        },
                        {
                            "value": "Track",
                            "scoring_system": "ssvc",
                            "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T16:02:19Z/"
                        }
                    ],
                    "url": "https://github.com/opencontainers/runc/security/advisories/GHSA-m8cg-xc2p-r3fc"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25809",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.5",
                            "scoring_system": "cvssv3.1",
                            "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:L"
                        },
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-25809"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182884",
                    "reference_id": "2182884",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2182884"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/202408-25",
                    "reference_id": "GLSA-202408-25",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.gentoo.org/glsa/202408-25"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:1326",
                    "reference_id": "RHSA-2023:1326",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:1326"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:6380",
                    "reference_id": "RHSA-2023:6380",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:6380"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:6938",
                    "reference_id": "RHSA-2023:6938",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:6938"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2023:6939",
                    "reference_id": "RHSA-2023:6939",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2023:6939"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/6088-1/",
                    "reference_id": "USN-6088-1",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/6088-1/"
                },
                {
                    "reference_url": "https://usn.ubuntu.com/6088-2/",
                    "reference_id": "USN-6088-2",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://usn.ubuntu.com/6088-2/"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "CVE-2023-25809",
                "GHSA-m8cg-xc2p-r3fc"
            ],
            "risk_score": 2.9,
            "exploitability": "0.5",
            "weighted_severity": "5.7",
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v2ys-xbn5-guh4"
        }
    ],
    "fixing_vulnerabilities": [],
    "risk_score": "4.0",
    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/runc@4:1.1.9-1%3Farch=el9"
}