Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/glibc@2.36-9%2Bdeb12u3?distro=trixie
Typedeb
Namespacedebian
Nameglibc
Version2.36-9+deb12u3
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.36-9+deb12u4
Latest_non_vulnerable_version2.42-16
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-h9ms-69tu-dfas
vulnerability_id VCID-h9ms-69tu-dfas
summary A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4527.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4527.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-4527
reference_id
reference_type
scores
0
value 0.00112
scoring_system epss
scoring_elements 0.29315
published_at 2026-06-09T12:55:00Z
1
value 0.00112
scoring_system epss
scoring_elements 0.2937
published_at 2026-06-06T12:55:00Z
2
value 0.00112
scoring_system epss
scoring_elements 0.29335
published_at 2026-06-07T12:55:00Z
3
value 0.00112
scoring_system epss
scoring_elements 0.29301
published_at 2026-06-08T12:55:00Z
4
value 0.00112
scoring_system epss
scoring_elements 0.29405
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-4527
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051958
reference_id 1051958
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1051958
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2234712
reference_id 2234712
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T14:44:32Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2234712
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
reference_id cpe:/a:redhat:enterprise_linux:8::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
reference_id cpe:/a:redhat:enterprise_linux:9::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
13
reference_url https://access.redhat.com/security/cve/CVE-2023-4527
reference_id CVE-2023-4527
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T14:44:32Z/
url https://access.redhat.com/security/cve/CVE-2023-4527
14
reference_url https://security.gentoo.org/glsa/202310-03
reference_id GLSA-202310-03
reference_type
scores
url https://security.gentoo.org/glsa/202310-03
15
reference_url https://access.redhat.com/errata/RHSA-2023:5453
reference_id RHSA-2023:5453
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T14:44:32Z/
url https://access.redhat.com/errata/RHSA-2023:5453
16
reference_url https://access.redhat.com/errata/RHSA-2023:5455
reference_id RHSA-2023:5455
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-12-03T14:44:32Z/
url https://access.redhat.com/errata/RHSA-2023:5455
17
reference_url https://usn.ubuntu.com/6409-1/
reference_id USN-6409-1
reference_type
scores
url https://usn.ubuntu.com/6409-1/
fixed_packages
0
url pkg:deb/debian/glibc@0?distro=trixie
purl pkg:deb/debian/glibc@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@0%3Fdistro=trixie
1
url pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie
purl pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-d6t6-2367-sybe
1
vulnerability VCID-fghb-r6dz-4bgq
2
vulnerability VCID-fp49-gns3-fucs
3
vulnerability VCID-h47h-um3s-mfe6
4
vulnerability VCID-shsv-21rq-bkg8
5
vulnerability VCID-y6td-2fxp-9kaa
6
vulnerability VCID-z3sn-973p-h7av
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11%3Fdistro=trixie
2
url pkg:deb/debian/glibc@2.36-9%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/glibc@2.36-9%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u3%3Fdistro=trixie
3
url pkg:deb/debian/glibc@2.36-9%2Bdeb12u14?distro=trixie
purl pkg:deb/debian/glibc@2.36-9%2Bdeb12u14?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u14%3Fdistro=trixie
4
url pkg:deb/debian/glibc@2.37-9?distro=trixie
purl pkg:deb/debian/glibc@2.37-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.37-9%3Fdistro=trixie
5
url pkg:deb/debian/glibc@2.41-12%2Bdeb13u3?distro=trixie
purl pkg:deb/debian/glibc@2.41-12%2Bdeb13u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u3%3Fdistro=trixie
6
url pkg:deb/debian/glibc@2.42-16?distro=trixie
purl pkg:deb/debian/glibc@2.42-16?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-16%3Fdistro=trixie
aliases CVE-2023-4527
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h9ms-69tu-dfas
1
url VCID-k8qs-j3ym-z7cp
vulnerability_id VCID-k8qs-j3ym-z7cp
summary A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4911.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4911.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-4911
reference_id
reference_type
scores
0
value 0.60911
scoring_system epss
scoring_elements 0.9833
published_at 2026-06-07T12:55:00Z
1
value 0.62198
scoring_system epss
scoring_elements 0.98383
published_at 2026-06-08T12:55:00Z
2
value 0.6505
scoring_system epss
scoring_elements 0.98497
published_at 2026-06-05T12:55:00Z
3
value 0.6505
scoring_system epss
scoring_elements 0.98496
published_at 2026-06-09T12:55:00Z
4
value 0.71554
scoring_system epss
scoring_elements 0.98749
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-4911
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4911
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4911
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2238352
reference_id 2238352
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2238352
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
reference_id cpe:/a:redhat:enterprise_linux:8::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
reference_id cpe:/a:redhat:enterprise_linux:9::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream
reference_id cpe:/a:redhat:rhel_eus:8.6::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb
reference_id cpe:/a:redhat:rhel_eus:8.6::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream
reference_id cpe:/a:redhat:rhel_eus:9.0::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb
reference_id cpe:/a:redhat:rhel_eus:9.0::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos
reference_id cpe:/o:redhat:rhel_eus:8.6::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.0::baseos
reference_id cpe:/o:redhat:rhel_eus:9.0::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.0::baseos
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhev_hypervisor:4.4::el8
reference_id cpe:/o:redhat:rhev_hypervisor:4.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhev_hypervisor:4.4::el8
20
reference_url https://www.qualys.com/cve-2023-4911/
reference_id cve-2023-4911
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/
url https://www.qualys.com/cve-2023-4911/
21
reference_url https://access.redhat.com/security/cve/CVE-2023-4911
reference_id CVE-2023-4911
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/
url https://access.redhat.com/security/cve/CVE-2023-4911
22
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/52479.txt
reference_id CVE-2023-4911
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/52479.txt
23
reference_url https://security.gentoo.org/glsa/202310-03
reference_id GLSA-202310-03
reference_type
scores
url https://security.gentoo.org/glsa/202310-03
24
reference_url https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt
reference_id looney-tunables-local-privilege-escalation-glibc-ld-so.txt
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/
url https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt
25
reference_url https://access.redhat.com/errata/RHSA-2023:5453
reference_id RHSA-2023:5453
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/
url https://access.redhat.com/errata/RHSA-2023:5453
26
reference_url https://access.redhat.com/errata/RHSA-2023:5454
reference_id RHSA-2023:5454
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/
url https://access.redhat.com/errata/RHSA-2023:5454
27
reference_url https://access.redhat.com/errata/RHSA-2023:5455
reference_id RHSA-2023:5455
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/
url https://access.redhat.com/errata/RHSA-2023:5455
28
reference_url https://access.redhat.com/errata/RHSA-2023:5476
reference_id RHSA-2023:5476
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/
url https://access.redhat.com/errata/RHSA-2023:5476
29
reference_url https://access.redhat.com/errata/RHSA-2024:0033
reference_id RHSA-2024:0033
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:N/T:T/P:M/B:A/M:M/D:A/2025-10-15T19:45:35Z/
url https://access.redhat.com/errata/RHSA-2024:0033
30
reference_url https://usn.ubuntu.com/6409-1/
reference_id USN-6409-1
reference_type
scores
url https://usn.ubuntu.com/6409-1/
fixed_packages
0
url pkg:deb/debian/glibc@2.31-13%2Bdeb11u7?distro=trixie
purl pkg:deb/debian/glibc@2.31-13%2Bdeb11u7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u7%3Fdistro=trixie
1
url pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie
purl pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-d6t6-2367-sybe
1
vulnerability VCID-fghb-r6dz-4bgq
2
vulnerability VCID-fp49-gns3-fucs
3
vulnerability VCID-h47h-um3s-mfe6
4
vulnerability VCID-shsv-21rq-bkg8
5
vulnerability VCID-y6td-2fxp-9kaa
6
vulnerability VCID-z3sn-973p-h7av
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11%3Fdistro=trixie
2
url pkg:deb/debian/glibc@2.36-9%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/glibc@2.36-9%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u3%3Fdistro=trixie
3
url pkg:deb/debian/glibc@2.36-9%2Bdeb12u14?distro=trixie
purl pkg:deb/debian/glibc@2.36-9%2Bdeb12u14?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u14%3Fdistro=trixie
4
url pkg:deb/debian/glibc@2.37-12?distro=trixie
purl pkg:deb/debian/glibc@2.37-12?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.37-12%3Fdistro=trixie
5
url pkg:deb/debian/glibc@2.41-12%2Bdeb13u3?distro=trixie
purl pkg:deb/debian/glibc@2.41-12%2Bdeb13u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u3%3Fdistro=trixie
6
url pkg:deb/debian/glibc@2.42-16?distro=trixie
purl pkg:deb/debian/glibc@2.42-16?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-16%3Fdistro=trixie
aliases CVE-2023-4911
risk_score 10.0
exploitability 2.0
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k8qs-j3ym-z7cp
2
url VCID-y6td-2fxp-9kaa
vulnerability_id VCID-y6td-2fxp-9kaa
summary A flaw has been identified in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an application crash. This issue is only exploitable when a NSS module implements only the _nss_*_gethostbyname2_r and _nss_*_getcanonname_r hooks without implementing the _nss_*_gethostbyname3_r hook. The resolved name should return a large number of IPv6 and IPv4, and the call to the getaddrinfo function should have the AF_INET6 address family with AI_CANONNAME, AI_ALL and AI_V4MAPPED as flags.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4806.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-4806.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-4806
reference_id
reference_type
scores
0
value 0.01895
scoring_system epss
scoring_elements 0.83579
published_at 2026-06-09T12:55:00Z
1
value 0.01895
scoring_system epss
scoring_elements 0.83577
published_at 2026-06-06T12:55:00Z
2
value 0.01895
scoring_system epss
scoring_elements 0.83574
published_at 2026-06-07T12:55:00Z
3
value 0.01895
scoring_system epss
scoring_elements 0.83565
published_at 2026-06-08T12:55:00Z
4
value 0.01895
scoring_system epss
scoring_elements 0.83576
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-4806
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4806
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4806
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2237782
reference_id 2237782
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-15T19:32:30Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2237782
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
reference_id cpe:/a:redhat:enterprise_linux:8::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
reference_id cpe:/a:redhat:enterprise_linux:9::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream
reference_id cpe:/a:redhat:rhel_eus:8.6::appstream
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb
reference_id cpe:/a:redhat:rhel_eus:8.6::crb
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos
reference_id cpe:/o:redhat:rhel_eus:8.6::baseos
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhev_hypervisor:4.4::el8
reference_id cpe:/o:redhat:rhev_hypervisor:4.4::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhev_hypervisor:4.4::el8
17
reference_url https://access.redhat.com/security/cve/CVE-2023-4806
reference_id CVE-2023-4806
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-15T19:32:30Z/
url https://access.redhat.com/security/cve/CVE-2023-4806
18
reference_url https://security.gentoo.org/glsa/202310-03
reference_id GLSA-202310-03
reference_type
scores
url https://security.gentoo.org/glsa/202310-03
19
reference_url https://access.redhat.com/errata/RHBA-2024:2413
reference_id RHBA-2024:2413
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-15T19:32:30Z/
url https://access.redhat.com/errata/RHBA-2024:2413
20
reference_url https://access.redhat.com/errata/RHSA-2023:5453
reference_id RHSA-2023:5453
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-15T19:32:30Z/
url https://access.redhat.com/errata/RHSA-2023:5453
21
reference_url https://access.redhat.com/errata/RHSA-2023:5455
reference_id RHSA-2023:5455
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-15T19:32:30Z/
url https://access.redhat.com/errata/RHSA-2023:5455
22
reference_url https://access.redhat.com/errata/RHSA-2023:7409
reference_id RHSA-2023:7409
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-15T19:32:30Z/
url https://access.redhat.com/errata/RHSA-2023:7409
23
reference_url https://usn.ubuntu.com/6541-1/
reference_id USN-6541-1
reference_type
scores
url https://usn.ubuntu.com/6541-1/
fixed_packages
0
url pkg:deb/debian/glibc@2.36-9%2Bdeb12u3?distro=trixie
purl pkg:deb/debian/glibc@2.36-9%2Bdeb12u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u3%3Fdistro=trixie
1
url pkg:deb/debian/glibc@2.36-9%2Bdeb12u14?distro=trixie
purl pkg:deb/debian/glibc@2.36-9%2Bdeb12u14?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u14%3Fdistro=trixie
2
url pkg:deb/debian/glibc@2.37-10?distro=trixie
purl pkg:deb/debian/glibc@2.37-10?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.37-10%3Fdistro=trixie
3
url pkg:deb/debian/glibc@2.41-12%2Bdeb13u3?distro=trixie
purl pkg:deb/debian/glibc@2.41-12%2Bdeb13u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u3%3Fdistro=trixie
4
url pkg:deb/debian/glibc@2.42-16?distro=trixie
purl pkg:deb/debian/glibc@2.42-16?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-16%3Fdistro=trixie
aliases CVE-2023-4806
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y6td-2fxp-9kaa
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u3%3Fdistro=trixie