Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/glibc@2.37-19?distro=trixie

Type deb

Namespace debian

Name glibc

Version 2.37-19

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2.39-4

Latest_non_vulnerable_version 2.42-16

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-cc6k-sdsc-rkhv

vulnerability_id VCID-cc6k-sdsc-rkhv

summary nscd: netgroup cache may terminate daemon on memory allocation failure The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or xrealloc and these functions may terminate the process due to a memory allocation failure resulting in a denial of service to the clients. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33601.json

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33601.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-33601

reference_id

reference_type

scores

value	0.00309
scoring_system	epss
scoring_elements	0.54391
published_at	2026-06-09T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.54395
published_at	2026-06-05T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.54404
published_at	2026-06-06T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.54393
published_at	2026-06-07T12:55:00Z

value	0.00309
scoring_system	epss
scoring_elements	0.5437
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-33601

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2277205
reference_id	2277205
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2277205

reference_url

http://www.openwall.com/lists/oss-security/2024/07/22/5

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-09T17:26:01Z/

url

http://www.openwall.com/lists/oss-security/2024/07/22/5

reference_url

https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0007

reference_id

GLIBC-SA-2024-0007

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-09T17:26:01Z/

url

https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0007

reference_url	https://security.gentoo.org/glsa/202405-17
reference_id	GLSA-202405-17
reference_type
scores
url	https://security.gentoo.org/glsa/202405-17

reference_url

https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html

reference_id

msg00026.html

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-09T17:26:01Z/

url

https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html

reference_url

https://security.netapp.com/advisory/ntap-20240524-0014/

reference_id

ntap-20240524-0014

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-05-09T17:26:01Z/

url

https://security.netapp.com/advisory/ntap-20240524-0014/

reference_url	https://access.redhat.com/errata/RHSA-2024:2799
reference_id	RHSA-2024:2799
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2799

reference_url	https://access.redhat.com/errata/RHSA-2024:3309
reference_id	RHSA-2024:3309
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3309

reference_url	https://access.redhat.com/errata/RHSA-2024:3312
reference_id	RHSA-2024:3312
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3312

reference_url	https://access.redhat.com/errata/RHSA-2024:3339
reference_id	RHSA-2024:3339
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3339

reference_url	https://access.redhat.com/errata/RHSA-2024:3344
reference_id	RHSA-2024:3344
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3344

reference_url	https://access.redhat.com/errata/RHSA-2024:3411
reference_id	RHSA-2024:3411
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3411

reference_url	https://access.redhat.com/errata/RHSA-2024:3423
reference_id	RHSA-2024:3423
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3423

reference_url	https://access.redhat.com/errata/RHSA-2024:3464
reference_id	RHSA-2024:3464
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3464

reference_url	https://access.redhat.com/errata/RHSA-2024:3588
reference_id	RHSA-2024:3588
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3588

reference_url	https://access.redhat.com/errata/RHSA-2024:4126
reference_id	RHSA-2024:4126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4126

reference_url	https://usn.ubuntu.com/6804-1/
reference_id	USN-6804-1
reference_type
scores
url	https://usn.ubuntu.com/6804-1/

fixed_packages

url	pkg:deb/debian/glibc@2.31-13%2Bdeb11u10?distro=trixie
purl	pkg:deb/debian/glibc@2.31-13%2Bdeb11u10?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u10%3Fdistro=trixie

url pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

purl pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d6t6-2367-sybe

vulnerability	VCID-fghb-r6dz-4bgq

vulnerability	VCID-fp49-gns3-fucs

vulnerability	VCID-h47h-um3s-mfe6

vulnerability	VCID-shsv-21rq-bkg8

vulnerability	VCID-y6td-2fxp-9kaa

vulnerability	VCID-z3sn-973p-h7av

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.36-9%2Bdeb12u7?distro=trixie
purl	pkg:deb/debian/glibc@2.36-9%2Bdeb12u7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u7%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.36-9%2Bdeb12u14?distro=trixie
purl	pkg:deb/debian/glibc@2.36-9%2Bdeb12u14?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u14%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.37-19?distro=trixie
purl	pkg:deb/debian/glibc@2.37-19?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.37-19%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.41-12%2Bdeb13u3?distro=trixie
purl	pkg:deb/debian/glibc@2.41-12%2Bdeb13u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u3%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.42-16?distro=trixie
purl	pkg:deb/debian/glibc@2.42-16?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-16%3Fdistro=trixie

aliases CVE-2024-33601

risk_score 3.3

exploitability 0.5

weighted_severity 6.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cc6k-sdsc-rkhv

url VCID-kbz7-rjq7-dkh1

vulnerability_id VCID-kbz7-rjq7-dkh1

summary nscd: netgroup cache assumes NSS callback uses in-buffer strings The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory when the NSS callback does not store all strings in the provided buffer. The flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33602.json

reference_id

reference_type

scores

value	4.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33602.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-33602

reference_id

reference_type

scores

value	0.00725
scoring_system	epss
scoring_elements	0.72996
published_at	2026-06-09T12:55:00Z

value	0.00725
scoring_system	epss
scoring_elements	0.72993
published_at	2026-06-05T12:55:00Z

value	0.00725
scoring_system	epss
scoring_elements	0.73001
published_at	2026-06-06T12:55:00Z

value	0.00725
scoring_system	epss
scoring_elements	0.72984
published_at	2026-06-07T12:55:00Z

value	0.00725
scoring_system	epss
scoring_elements	0.72971
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-33602

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2277206
reference_id	2277206
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2277206

reference_url

http://www.openwall.com/lists/oss-security/2024/07/22/5

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-13T16:09:29Z/

url

http://www.openwall.com/lists/oss-security/2024/07/22/5

reference_url

https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0008

reference_id

GLIBC-SA-2024-0008

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-13T16:09:29Z/

url

https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0008

reference_url	https://security.gentoo.org/glsa/202405-17
reference_id	GLSA-202405-17
reference_type
scores
url	https://security.gentoo.org/glsa/202405-17

reference_url

https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html

reference_id

msg00026.html

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-13T16:09:29Z/

url

https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html

reference_url

https://security.netapp.com/advisory/ntap-20240524-0012/

reference_id

ntap-20240524-0012

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-13T16:09:29Z/

url

https://security.netapp.com/advisory/ntap-20240524-0012/

reference_url	https://access.redhat.com/errata/RHSA-2024:2799
reference_id	RHSA-2024:2799
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2799

reference_url	https://access.redhat.com/errata/RHSA-2024:3309
reference_id	RHSA-2024:3309
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3309

reference_url	https://access.redhat.com/errata/RHSA-2024:3312
reference_id	RHSA-2024:3312
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3312

reference_url	https://access.redhat.com/errata/RHSA-2024:3339
reference_id	RHSA-2024:3339
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3339

reference_url	https://access.redhat.com/errata/RHSA-2024:3344
reference_id	RHSA-2024:3344
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3344

reference_url	https://access.redhat.com/errata/RHSA-2024:3411
reference_id	RHSA-2024:3411
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3411

reference_url	https://access.redhat.com/errata/RHSA-2024:3423
reference_id	RHSA-2024:3423
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3423

reference_url	https://access.redhat.com/errata/RHSA-2024:3464
reference_id	RHSA-2024:3464
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3464

reference_url	https://access.redhat.com/errata/RHSA-2024:3588
reference_id	RHSA-2024:3588
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3588

reference_url	https://access.redhat.com/errata/RHSA-2024:4126
reference_id	RHSA-2024:4126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4126

reference_url	https://usn.ubuntu.com/6804-1/
reference_id	USN-6804-1
reference_type
scores
url	https://usn.ubuntu.com/6804-1/

fixed_packages

url	pkg:deb/debian/glibc@2.31-13%2Bdeb11u10?distro=trixie
purl	pkg:deb/debian/glibc@2.31-13%2Bdeb11u10?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u10%3Fdistro=trixie

url pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

purl pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d6t6-2367-sybe

vulnerability	VCID-fghb-r6dz-4bgq

vulnerability	VCID-fp49-gns3-fucs

vulnerability	VCID-h47h-um3s-mfe6

vulnerability	VCID-shsv-21rq-bkg8

vulnerability	VCID-y6td-2fxp-9kaa

vulnerability	VCID-z3sn-973p-h7av

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.36-9%2Bdeb12u7?distro=trixie
purl	pkg:deb/debian/glibc@2.36-9%2Bdeb12u7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u7%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.36-9%2Bdeb12u14?distro=trixie
purl	pkg:deb/debian/glibc@2.36-9%2Bdeb12u14?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u14%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.37-19?distro=trixie
purl	pkg:deb/debian/glibc@2.37-19?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.37-19%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.41-12%2Bdeb13u3?distro=trixie
purl	pkg:deb/debian/glibc@2.41-12%2Bdeb13u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u3%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.42-16?distro=trixie
purl	pkg:deb/debian/glibc@2.42-16?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-16%3Fdistro=trixie

aliases CVE-2024-33602

risk_score 3.4

exploitability 0.5

weighted_severity 6.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kbz7-rjq7-dkh1

url VCID-xhu3-e5t7-p3av

vulnerability_id VCID-xhu3-e5t7-p3av

summary nscd: Null pointer crashes after notfound response If the Name Service Cache Daemon's (nscd) cache fails to add a not-found netgroup response to the cache, the client request can result in a null pointer dereference. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33600.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33600.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-33600

reference_id

reference_type

scores

value	0.00667
scoring_system	epss
scoring_elements	0.71677
published_at	2026-06-09T12:55:00Z

value	0.00667
scoring_system	epss
scoring_elements	0.71687
published_at	2026-06-05T12:55:00Z

value	0.00667
scoring_system	epss
scoring_elements	0.71693
published_at	2026-06-06T12:55:00Z

value	0.00667
scoring_system	epss
scoring_elements	0.71669
published_at	2026-06-07T12:55:00Z

value	0.00667
scoring_system	epss
scoring_elements	0.71654
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-33600

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2277204
reference_id	2277204
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2277204

reference_url

http://www.openwall.com/lists/oss-security/2024/07/22/5

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T19:13:16Z/

url

http://www.openwall.com/lists/oss-security/2024/07/22/5

reference_url

https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0006

reference_id

GLIBC-SA-2024-0006

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T19:13:16Z/

url

https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0006

reference_url	https://security.gentoo.org/glsa/202405-17
reference_id	GLSA-202405-17
reference_type
scores
url	https://security.gentoo.org/glsa/202405-17

reference_url

https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html

reference_id

msg00026.html

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T19:13:16Z/

url

https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html

reference_url

https://security.netapp.com/advisory/ntap-20240524-0013/

reference_id

ntap-20240524-0013

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-07T19:13:16Z/

url

https://security.netapp.com/advisory/ntap-20240524-0013/

reference_url	https://access.redhat.com/errata/RHSA-2024:2799
reference_id	RHSA-2024:2799
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2799

reference_url	https://access.redhat.com/errata/RHSA-2024:3309
reference_id	RHSA-2024:3309
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3309

reference_url	https://access.redhat.com/errata/RHSA-2024:3312
reference_id	RHSA-2024:3312
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3312

reference_url	https://access.redhat.com/errata/RHSA-2024:3339
reference_id	RHSA-2024:3339
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3339

reference_url	https://access.redhat.com/errata/RHSA-2024:3344
reference_id	RHSA-2024:3344
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3344

reference_url	https://access.redhat.com/errata/RHSA-2024:3411
reference_id	RHSA-2024:3411
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3411

reference_url	https://access.redhat.com/errata/RHSA-2024:3423
reference_id	RHSA-2024:3423
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3423

reference_url	https://access.redhat.com/errata/RHSA-2024:3464
reference_id	RHSA-2024:3464
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3464

reference_url	https://access.redhat.com/errata/RHSA-2024:3588
reference_id	RHSA-2024:3588
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3588

reference_url	https://access.redhat.com/errata/RHSA-2024:4126
reference_id	RHSA-2024:4126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4126

reference_url	https://usn.ubuntu.com/6804-1/
reference_id	USN-6804-1
reference_type
scores
url	https://usn.ubuntu.com/6804-1/

fixed_packages

url	pkg:deb/debian/glibc@2.31-13%2Bdeb11u10?distro=trixie
purl	pkg:deb/debian/glibc@2.31-13%2Bdeb11u10?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u10%3Fdistro=trixie

url pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

purl pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d6t6-2367-sybe

vulnerability	VCID-fghb-r6dz-4bgq

vulnerability	VCID-fp49-gns3-fucs

vulnerability	VCID-h47h-um3s-mfe6

vulnerability	VCID-shsv-21rq-bkg8

vulnerability	VCID-y6td-2fxp-9kaa

vulnerability	VCID-z3sn-973p-h7av

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.36-9%2Bdeb12u7?distro=trixie
purl	pkg:deb/debian/glibc@2.36-9%2Bdeb12u7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u7%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.36-9%2Bdeb12u14?distro=trixie
purl	pkg:deb/debian/glibc@2.36-9%2Bdeb12u14?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u14%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.37-19?distro=trixie
purl	pkg:deb/debian/glibc@2.37-19?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.37-19%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.41-12%2Bdeb13u3?distro=trixie
purl	pkg:deb/debian/glibc@2.41-12%2Bdeb13u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u3%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.42-16?distro=trixie
purl	pkg:deb/debian/glibc@2.42-16?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-16%3Fdistro=trixie

aliases CVE-2024-33600

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xhu3-e5t7-p3av

url VCID-znv5-34gt-5ba2

vulnerability_id VCID-znv5-34gt-5ba2

summary nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33599.json

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-33599.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-33599

reference_id

reference_type

scores

value	0.01546
scoring_system	epss
scoring_elements	0.81765
published_at	2026-06-09T12:55:00Z

value	0.01546
scoring_system	epss
scoring_elements	0.81757
published_at	2026-06-07T12:55:00Z

value	0.01546
scoring_system	epss
scoring_elements	0.81751
published_at	2026-06-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-33599

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33599

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33600

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33601

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33602

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2277202
reference_id	2277202
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2277202

reference_url

http://www.openwall.com/lists/oss-security/2024/07/22/5

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-29T19:01:02Z/

url

http://www.openwall.com/lists/oss-security/2024/07/22/5

reference_url

https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0005

reference_id

GLIBC-SA-2024-0005

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-29T19:01:02Z/

url

https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2024-0005

reference_url	https://security.gentoo.org/glsa/202405-17
reference_id	GLSA-202405-17
reference_type
scores
url	https://security.gentoo.org/glsa/202405-17

reference_url

https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html

reference_id

msg00026.html

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-29T19:01:02Z/

url

https://lists.debian.org/debian-lts-announce/2024/06/msg00026.html

reference_url

https://security.netapp.com/advisory/ntap-20240524-0011/

reference_id

ntap-20240524-0011

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-29T19:01:02Z/

url

https://security.netapp.com/advisory/ntap-20240524-0011/

reference_url	https://access.redhat.com/errata/RHSA-2024:2799
reference_id	RHSA-2024:2799
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2799

reference_url	https://access.redhat.com/errata/RHSA-2024:3309
reference_id	RHSA-2024:3309
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3309

reference_url	https://access.redhat.com/errata/RHSA-2024:3312
reference_id	RHSA-2024:3312
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3312

reference_url	https://access.redhat.com/errata/RHSA-2024:3339
reference_id	RHSA-2024:3339
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3339

reference_url	https://access.redhat.com/errata/RHSA-2024:3344
reference_id	RHSA-2024:3344
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3344

reference_url	https://access.redhat.com/errata/RHSA-2024:3411
reference_id	RHSA-2024:3411
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3411

reference_url	https://access.redhat.com/errata/RHSA-2024:3423
reference_id	RHSA-2024:3423
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3423

reference_url	https://access.redhat.com/errata/RHSA-2024:3464
reference_id	RHSA-2024:3464
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3464

reference_url	https://access.redhat.com/errata/RHSA-2024:3588
reference_id	RHSA-2024:3588
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3588

reference_url	https://access.redhat.com/errata/RHSA-2024:4126
reference_id	RHSA-2024:4126
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4126

reference_url	https://usn.ubuntu.com/6804-1/
reference_id	USN-6804-1
reference_type
scores
url	https://usn.ubuntu.com/6804-1/

fixed_packages

url	pkg:deb/debian/glibc@2.31-13%2Bdeb11u10?distro=trixie
purl	pkg:deb/debian/glibc@2.31-13%2Bdeb11u10?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u10%3Fdistro=trixie

url pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

purl pkg:deb/debian/glibc@2.31-13%2Bdeb11u11?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-d6t6-2367-sybe

vulnerability	VCID-fghb-r6dz-4bgq

vulnerability	VCID-fp49-gns3-fucs

vulnerability	VCID-h47h-um3s-mfe6

vulnerability	VCID-shsv-21rq-bkg8

vulnerability	VCID-y6td-2fxp-9kaa

vulnerability	VCID-z3sn-973p-h7av

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.31-13%252Bdeb11u11%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.36-9%2Bdeb12u7?distro=trixie
purl	pkg:deb/debian/glibc@2.36-9%2Bdeb12u7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u7%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.36-9%2Bdeb12u14?distro=trixie
purl	pkg:deb/debian/glibc@2.36-9%2Bdeb12u14?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.36-9%252Bdeb12u14%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.37-19?distro=trixie
purl	pkg:deb/debian/glibc@2.37-19?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.37-19%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.41-12%2Bdeb13u3?distro=trixie
purl	pkg:deb/debian/glibc@2.41-12%2Bdeb13u3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.41-12%252Bdeb13u3%3Fdistro=trixie

url	pkg:deb/debian/glibc@2.42-16?distro=trixie
purl	pkg:deb/debian/glibc@2.42-16?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.42-16%3Fdistro=trixie

aliases CVE-2024-33599

risk_score 3.6

exploitability 0.5

weighted_severity 7.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-znv5-34gt-5ba2

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/glibc@2.37-19%3Fdistro=trixie

Package Instance