Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-f8ak-21d8-juff

Summary

Golang protojson.Unmarshal function infinite loop when unmarshaling certain forms of invalid JSON
The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set.

Aliases

alias	CVE-2024-24786

alias	GHSA-8r3f-844c-mc37

Fixed_packages

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=armhf&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=armhf&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=armhf&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=ppc64le&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=ppc64le&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=riscv64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=riscv64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=riscv64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=s390x&distroversion=edge&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=s390x&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=s390x&distroversion=edge&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=aarch64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=aarch64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=aarch64&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=riscv64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=riscv64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=riscv64&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=s390x&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=s390x&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=s390x&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=ppc64le&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=ppc64le&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=ppc64le&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=x86&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=x86&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=x86&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=x86&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=x86&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=x86&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=x86&distroversion=edge&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=x86&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=x86&distroversion=edge&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=armhf&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=armhf&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=armhf&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=loongarch64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=loongarch64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=riscv64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=riscv64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=riscv64&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=x86_64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=x86_64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=x86_64&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=aarch64&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=aarch64&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=aarch64&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=s390x&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=s390x&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=s390x&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=armhf&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=armhf&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=armhf&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=armhf&distroversion=edge&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=armhf&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=armhf&distroversion=edge&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=loongarch64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=loongarch64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=loongarch64&distroversion=edge&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=armv7&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=armv7&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=armv7&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=ppc64le&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=ppc64le&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=ppc64le&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=s390x&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=s390x&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=s390x&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=x86&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=x86&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=x86&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=armv7&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=armv7&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=armv7&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=ppc64le&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=ppc64le&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=x86_64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=x86_64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=x86_64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=x86_64&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=x86_64&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=x86_64&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=aarch64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=aarch64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=aarch64&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=riscv64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=riscv64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=riscv64&distroversion=edge&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=x86_64&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=x86_64&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=x86_64&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=armv7&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=armv7&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=armv7&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=loongarch64&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=loongarch64&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=loongarch64&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=riscv64&distroversion=v3.20&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=riscv64&distroversion=v3.20&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=riscv64&distroversion=v3.20&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=loongarch64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=loongarch64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=loongarch64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=s390x&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=s390x&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=s390x&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=aarch64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=aarch64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=aarch64&distroversion=edge&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=armv7&distroversion=edge&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=armv7&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=armv7&distroversion=edge&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=x86&distroversion=v3.22&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=x86&distroversion=v3.22&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=x86&distroversion=v3.22&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=armhf&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=armhf&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=armhf&distroversion=v3.21&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=aarch64&distroversion=v3.23&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=aarch64&distroversion=v3.23&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=aarch64&distroversion=v3.23&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=ppc64le&distroversion=edge&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=ppc64le&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=ppc64le&distroversion=edge&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=x86_64&distroversion=edge&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=x86_64&distroversion=edge&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=x86_64&distroversion=edge&reponame=community

url	pkg:apk/alpine/buildah@1.35.4-r0?arch=armv7&distroversion=v3.21&reponame=community
purl	pkg:apk/alpine/buildah@1.35.4-r0?arch=armv7&distroversion=v3.21&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.35.4-r0%3Farch=armv7&distroversion=v3.21&reponame=community

url	pkg:deb/debian/golang-google-protobuf@1.33.0-1?distro=trixie
purl	pkg:deb/debian/golang-google-protobuf@1.33.0-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-google-protobuf@1.33.0-1%3Fdistro=trixie

url	pkg:deb/debian/golang-google-protobuf@1.36.5-1
purl	pkg:deb/debian/golang-google-protobuf@1.36.5-1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-google-protobuf@1.36.5-1

url	pkg:deb/debian/golang-google-protobuf@1.36.5-1?distro=trixie
purl	pkg:deb/debian/golang-google-protobuf@1.36.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-google-protobuf@1.36.5-1%3Fdistro=trixie

url	pkg:deb/debian/golang-google-protobuf@1.36.7-1?distro=trixie
purl	pkg:deb/debian/golang-google-protobuf@1.36.7-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-google-protobuf@1.36.7-1%3Fdistro=trixie

url	pkg:ebuild/app-containers/buildah@1.35.3
purl	pkg:ebuild/app-containers/buildah@1.35.3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/app-containers/buildah@1.35.3

url	pkg:ebuild/app-containers/podman@4.9.4
purl	pkg:ebuild/app-containers/podman@4.9.4
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:ebuild/app-containers/podman@4.9.4

url	pkg:golang/google.golang.org/protobuf@1.33.0
purl	pkg:golang/google.golang.org/protobuf@1.33.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:golang/google.golang.org/protobuf@1.33.0

url	pkg:golang/google.golang.org/protobuf/encoding/protojson@1.33.0
purl	pkg:golang/google.golang.org/protobuf/encoding/protojson@1.33.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:golang/google.golang.org/protobuf/encoding/protojson@1.33.0

url	pkg:golang/google.golang.org/protobuf/internal/encoding/json@1.33.0
purl	pkg:golang/google.golang.org/protobuf/internal/encoding/json@1.33.0
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:golang/google.golang.org/protobuf/internal/encoding/json@1.33.0

Affected_packages

url pkg:deb/debian/golang-google-protobuf@1.25.0%2Bgit20201208.160c747-1?distro=trixie

purl pkg:deb/debian/golang-google-protobuf@1.25.0%2Bgit20201208.160c747-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f8ak-21d8-juff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-google-protobuf@1.25.0%252Bgit20201208.160c747-1%3Fdistro=trixie

url pkg:deb/debian/golang-google-protobuf@1.25.0%2Bgit20201208.160c747-1

purl pkg:deb/debian/golang-google-protobuf@1.25.0%2Bgit20201208.160c747-1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f8ak-21d8-juff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-google-protobuf@1.25.0%252Bgit20201208.160c747-1

url pkg:deb/debian/golang-google-protobuf@1.28.1-3?distro=trixie

purl pkg:deb/debian/golang-google-protobuf@1.28.1-3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f8ak-21d8-juff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-google-protobuf@1.28.1-3%3Fdistro=trixie

url pkg:deb/debian/golang-google-protobuf@1.28.1-3

purl pkg:deb/debian/golang-google-protobuf@1.28.1-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f8ak-21d8-juff

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/golang-google-protobuf@1.28.1-3

url pkg:rpm/redhat/buildah@2:1.33.7-1?arch=el9_4

purl pkg:rpm/redhat/buildah@2:1.33.7-1?arch=el9_4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f8ak-21d8-juff

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/buildah@2:1.33.7-1%3Farch=el9_4

url pkg:rpm/redhat/cri-o@1.25.3-5.2.rhaos4.12.git44a2cb2?arch=el9

purl pkg:rpm/redhat/cri-o@1.25.3-5.2.rhaos4.12.git44a2cb2?arch=el9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6nrn-u58x-mben

vulnerability	VCID-bq1t-9nnj-mkes

vulnerability	VCID-f8ak-21d8-juff

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cri-o@1.25.3-5.2.rhaos4.12.git44a2cb2%3Farch=el9

url pkg:rpm/redhat/cri-o@1.26.5-10.rhaos4.13.gita08b329?arch=el8

purl pkg:rpm/redhat/cri-o@1.26.5-10.rhaos4.13.gita08b329?arch=el8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bq1t-9nnj-mkes

vulnerability	VCID-f8ak-21d8-juff

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cri-o@1.26.5-10.rhaos4.13.gita08b329%3Farch=el8

url pkg:rpm/redhat/cri-o@1.27.4-5.rhaos4.14.git8d40fed?arch=el8

purl pkg:rpm/redhat/cri-o@1.27.4-5.rhaos4.14.git8d40fed?arch=el8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f8ak-21d8-juff

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cri-o@1.27.4-5.rhaos4.14.git8d40fed%3Farch=el8

url pkg:rpm/redhat/cri-o@1.28.4-8.rhaos4.15.git24f50b9?arch=el8

purl pkg:rpm/redhat/cri-o@1.28.4-8.rhaos4.15.git24f50b9?arch=el8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-6nrn-u58x-mben

vulnerability	VCID-bq1t-9nnj-mkes

vulnerability	VCID-f8ak-21d8-juff

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cri-o@1.28.4-8.rhaos4.15.git24f50b9%3Farch=el8

url pkg:rpm/redhat/cri-tools@1.29.0-3.1?arch=el8

purl pkg:rpm/redhat/cri-tools@1.29.0-3.1?arch=el8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4psv-cefc-7kad

vulnerability	VCID-f8ak-21d8-juff

vulnerability	VCID-wq29-hzz2-5beh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cri-tools@1.29.0-3.1%3Farch=el8

url pkg:rpm/redhat/jenkins@2.440.3.1716387933-3?arch=el8

purl pkg:rpm/redhat/jenkins@2.440.3.1716387933-3?arch=el8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3cnb-4rqk-zbez

vulnerability	VCID-5qhm-ase5-5qhy

vulnerability	VCID-6rup-vv6d-eqd8

vulnerability	VCID-acdw-t3mm-wbhb

vulnerability	VCID-f8ak-21d8-juff

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-qnbx-c635-hqer

vulnerability	VCID-s4j7-r6m7-tyey

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins@2.440.3.1716387933-3%3Farch=el8

url pkg:rpm/redhat/jenkins@2.440.3.1716445150-3?arch=el8

purl pkg:rpm/redhat/jenkins@2.440.3.1716445150-3?arch=el8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3cnb-4rqk-zbez

vulnerability	VCID-5qhm-ase5-5qhy

vulnerability	VCID-6rup-vv6d-eqd8

vulnerability	VCID-acdw-t3mm-wbhb

vulnerability	VCID-f8ak-21d8-juff

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-qnbx-c635-hqer

vulnerability	VCID-s4j7-r6m7-tyey

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins@2.440.3.1716445150-3%3Farch=el8

url pkg:rpm/redhat/jenkins@2.440.3.1716445200-3?arch=el8

purl pkg:rpm/redhat/jenkins@2.440.3.1716445200-3?arch=el8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3cnb-4rqk-zbez

vulnerability	VCID-5qhm-ase5-5qhy

vulnerability	VCID-6rup-vv6d-eqd8

vulnerability	VCID-acdw-t3mm-wbhb

vulnerability	VCID-f8ak-21d8-juff

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-qnbx-c635-hqer

vulnerability	VCID-s4j7-r6m7-tyey

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins@2.440.3.1716445200-3%3Farch=el8

url pkg:rpm/redhat/jenkins@2.440.3.1718879390-3?arch=el8

purl pkg:rpm/redhat/jenkins@2.440.3.1718879390-3?arch=el8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3cnb-4rqk-zbez

vulnerability	VCID-5qhm-ase5-5qhy

vulnerability	VCID-6rup-vv6d-eqd8

vulnerability	VCID-acdw-t3mm-wbhb

vulnerability	VCID-f8ak-21d8-juff

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-qnbx-c635-hqer

vulnerability	VCID-s4j7-r6m7-tyey

vulnerability	VCID-tsgr-5mwt-jkeh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins@2.440.3.1718879390-3%3Farch=el8

url pkg:rpm/redhat/jenkins-2-plugins@4.12.1716445211-1?arch=el8

purl pkg:rpm/redhat/jenkins-2-plugins@4.12.1716445211-1?arch=el8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3cnb-4rqk-zbez

vulnerability	VCID-5qhm-ase5-5qhy

vulnerability	VCID-6rup-vv6d-eqd8

vulnerability	VCID-acdw-t3mm-wbhb

vulnerability	VCID-f8ak-21d8-juff

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-qnbx-c635-hqer

vulnerability	VCID-s4j7-r6m7-tyey

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins-2-plugins@4.12.1716445211-1%3Farch=el8

url pkg:rpm/redhat/jenkins-2-plugins@4.13.1716445207-1?arch=el8

purl pkg:rpm/redhat/jenkins-2-plugins@4.13.1716445207-1?arch=el8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3cnb-4rqk-zbez

vulnerability	VCID-5qhm-ase5-5qhy

vulnerability	VCID-6rup-vv6d-eqd8

vulnerability	VCID-acdw-t3mm-wbhb

vulnerability	VCID-f8ak-21d8-juff

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-qnbx-c635-hqer

vulnerability	VCID-s4j7-r6m7-tyey

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins-2-plugins@4.13.1716445207-1%3Farch=el8

url pkg:rpm/redhat/jenkins-2-plugins@4.14.1716388016-1?arch=el8

purl pkg:rpm/redhat/jenkins-2-plugins@4.14.1716388016-1?arch=el8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3cnb-4rqk-zbez

vulnerability	VCID-5qhm-ase5-5qhy

vulnerability	VCID-6rup-vv6d-eqd8

vulnerability	VCID-acdw-t3mm-wbhb

vulnerability	VCID-f8ak-21d8-juff

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-qnbx-c635-hqer

vulnerability	VCID-s4j7-r6m7-tyey

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins-2-plugins@4.14.1716388016-1%3Farch=el8

url pkg:rpm/redhat/jenkins-2-plugins@4.15.1718879538-1?arch=el8

purl pkg:rpm/redhat/jenkins-2-plugins@4.15.1718879538-1?arch=el8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3cnb-4rqk-zbez

vulnerability	VCID-5qhm-ase5-5qhy

vulnerability	VCID-6rup-vv6d-eqd8

vulnerability	VCID-acdw-t3mm-wbhb

vulnerability	VCID-f8ak-21d8-juff

vulnerability	VCID-jzn6-bzzf-nugp

vulnerability	VCID-qnbx-c635-hqer

vulnerability	VCID-s4j7-r6m7-tyey

vulnerability	VCID-tsgr-5mwt-jkeh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins-2-plugins@4.15.1718879538-1%3Farch=el8

url pkg:rpm/redhat/microshift@4.16.0-202406260523.p0.gc5a37df.assembly.4.16.0?arch=el9

purl pkg:rpm/redhat/microshift@4.16.0-202406260523.p0.gc5a37df.assembly.4.16.0?arch=el9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f8ak-21d8-juff

vulnerability	VCID-pjvk-1xxm-87d8

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/microshift@4.16.0-202406260523.p0.gc5a37df.assembly.4.16.0%3Farch=el9

url pkg:rpm/redhat/openshift@4.12.0-202406040636.p0.g306a47e.assembly.stream?arch=el8

purl pkg:rpm/redhat/openshift@4.12.0-202406040636.p0.g306a47e.assembly.stream?arch=el8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f8ak-21d8-juff

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openshift@4.12.0-202406040636.p0.g306a47e.assembly.stream%3Farch=el8

url pkg:rpm/redhat/ose-azure-acr-image-credential-provider@4.16.0-202404301345.p0.g0e95532.assembly.stream?arch=el8

purl pkg:rpm/redhat/ose-azure-acr-image-credential-provider@4.16.0-202404301345.p0.g0e95532.assembly.stream?arch=el8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4psv-cefc-7kad

vulnerability	VCID-86md-jx8m-1kck

vulnerability	VCID-djny-bnab-ykaw

vulnerability	VCID-f8ak-21d8-juff

vulnerability	VCID-h93z-zvkv-cyed

vulnerability	VCID-wq29-hzz2-5beh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ose-azure-acr-image-credential-provider@4.16.0-202404301345.p0.g0e95532.assembly.stream%3Farch=el8

url pkg:rpm/redhat/ose-gcp-gcr-image-credential-provider@4.16.0-202404181812.p0.g26b43df.assembly.stream?arch=el8

purl pkg:rpm/redhat/ose-gcp-gcr-image-credential-provider@4.16.0-202404181812.p0.g26b43df.assembly.stream?arch=el8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4psv-cefc-7kad

vulnerability	VCID-86md-jx8m-1kck

vulnerability	VCID-f8ak-21d8-juff

vulnerability	VCID-h93z-zvkv-cyed

vulnerability	VCID-wq29-hzz2-5beh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ose-gcp-gcr-image-credential-provider@4.16.0-202404181812.p0.g26b43df.assembly.stream%3Farch=el8

url pkg:rpm/redhat/podman@4:4.9.4-3?arch=el9_4

purl pkg:rpm/redhat/podman@4:4.9.4-3?arch=el9_4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f8ak-21d8-juff

vulnerability	VCID-gyyv-8fkv-syh5

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/podman@4:4.9.4-3%3Farch=el9_4

url pkg:rpm/redhat/podman@4:4.9.4-5.1.rhaos4.16?arch=el8

purl pkg:rpm/redhat/podman@4:4.9.4-5.1.rhaos4.16?arch=el8

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1rpd-33se-hkex

vulnerability	VCID-4psv-cefc-7kad

vulnerability	VCID-52c5-4udv-jydb

vulnerability	VCID-86md-jx8m-1kck

vulnerability	VCID-f8ak-21d8-juff

vulnerability	VCID-h93z-zvkv-cyed

vulnerability	VCID-wq29-hzz2-5beh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/podman@4:4.9.4-5.1.rhaos4.16%3Farch=el8

url pkg:rpm/redhat/rhc-worker-script@0.7-1?arch=el7_9

purl pkg:rpm/redhat/rhc-worker-script@0.7-1?arch=el7_9

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-f8ak-21d8-juff

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rhc-worker-script@0.7-1%3Farch=el7_9

url pkg:rpm/redhat/skopeo@2:1.14.3-2?arch=el9_4

purl pkg:rpm/redhat/skopeo@2:1.14.3-2?arch=el9_4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bq1t-9nnj-mkes

vulnerability	VCID-f8ak-21d8-juff

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/skopeo@2:1.14.3-2%3Farch=el9_4

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24786.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-24786.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-24786

reference_id

reference_type

scores

value	0.00313
scoring_system	epss
scoring_elements	0.54531
published_at	2026-04-18T12:55:00Z

value	0.00313
scoring_system	epss
scoring_elements	0.5449
published_at	2026-04-13T12:55:00Z

value	0.00313
scoring_system	epss
scoring_elements	0.54517
published_at	2026-04-09T12:55:00Z

value	0.00313
scoring_system	epss
scoring_elements	0.54529
published_at	2026-04-11T12:55:00Z

value	0.00313
scoring_system	epss
scoring_elements	0.54511
published_at	2026-04-12T12:55:00Z

value	0.00313
scoring_system	epss
scoring_elements	0.54528
published_at	2026-04-16T12:55:00Z

value	0.00313
scoring_system	epss
scoring_elements	0.54523
published_at	2026-04-08T12:55:00Z

value	0.00322
scoring_system	epss
scoring_elements	0.55289
published_at	2026-04-04T12:55:00Z

value	0.00322
scoring_system	epss
scoring_elements	0.5527
published_at	2026-04-07T12:55:00Z

value	0.00322
scoring_system	epss
scoring_elements	0.55266
published_at	2026-04-02T12:55:00Z

value	0.00393
scoring_system	epss
scoring_elements	0.60287
published_at	2026-04-21T12:55:00Z

value	0.00404
scoring_system	epss
scoring_elements	0.60975
published_at	2026-05-07T12:55:00Z

value	0.00404
scoring_system	epss
scoring_elements	0.6108
published_at	2026-05-14T12:55:00Z

value	0.00404
scoring_system	epss
scoring_elements	0.61023
published_at	2026-05-12T12:55:00Z

value	0.00404
scoring_system	epss
scoring_elements	0.60997
published_at	2026-05-11T12:55:00Z

value	0.00404
scoring_system	epss
scoring_elements	0.61034
published_at	2026-05-09T12:55:00Z

value	0.00404
scoring_system	epss
scoring_elements	0.60926
published_at	2026-05-05T12:55:00Z

value	0.00404
scoring_system	epss
scoring_elements	0.60978
published_at	2026-04-29T12:55:00Z

value	0.00404
scoring_system	epss
scoring_elements	0.60985
published_at	2026-04-26T12:55:00Z

value	0.00404
scoring_system	epss
scoring_elements	0.60974
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-24786

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-24786

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/protocolbuffers/protobuf-go

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/protocolbuffers/protobuf-go

reference_url

https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/protocolbuffers/protobuf-go/commit/f01a588e5810b90996452eec4a28f22a0afae023

reference_url

https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/protocolbuffers/protobuf-go/releases/tag/v1.33.0

reference_url

https://go.dev/cl/569356

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T16:22:27Z/

url

https://go.dev/cl/569356

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2024-24786

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2024-24786

reference_url

https://pkg.go.dev/vuln/GO-2024-2611

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T16:22:27Z/

url

https://pkg.go.dev/vuln/GO-2024-2611

reference_url

https://security.netapp.com/advisory/ntap-20240517-0002

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20240517-0002

reference_url

http://www.openwall.com/lists/oss-security/2024/03/08/4

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	6.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T16:22:27Z/

url

http://www.openwall.com/lists/oss-security/2024/03/08/4

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065684
reference_id	1065684
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1065684

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2268046
reference_id	2268046
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2268046

reference_url	https://security.gentoo.org/glsa/202407-12
reference_id	GLSA-202407-12
reference_type
scores
url	https://security.gentoo.org/glsa/202407-12

reference_url	https://security.gentoo.org/glsa/202407-25
reference_id	GLSA-202407-25
reference_type
scores
url	https://security.gentoo.org/glsa/202407-25

reference_url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/

reference_id

JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T16:22:27Z/

url

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/

reference_url

https://security.netapp.com/advisory/ntap-20240517-0002/

reference_id

ntap-20240517-0002

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-07T16:22:27Z/

url

https://security.netapp.com/advisory/ntap-20240517-0002/

reference_url	https://access.redhat.com/errata/RHSA-2024:0040
reference_id	RHSA-2024:0040
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0040

reference_url	https://access.redhat.com/errata/RHSA-2024:0043
reference_id	RHSA-2024:0043
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0043

reference_url	https://access.redhat.com/errata/RHSA-2024:10852
reference_id	RHSA-2024:10852
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:10852

reference_url	https://access.redhat.com/errata/RHSA-2024:1362
reference_id	RHSA-2024:1362
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1362

reference_url	https://access.redhat.com/errata/RHSA-2024:1363
reference_id	RHSA-2024:1363
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1363

reference_url	https://access.redhat.com/errata/RHSA-2024:1456
reference_id	RHSA-2024:1456
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1456

reference_url	https://access.redhat.com/errata/RHSA-2024:1461
reference_id	RHSA-2024:1461
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1461

reference_url	https://access.redhat.com/errata/RHSA-2024:1474
reference_id	RHSA-2024:1474
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1474

reference_url	https://access.redhat.com/errata/RHSA-2024:1507
reference_id	RHSA-2024:1507
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1507

reference_url	https://access.redhat.com/errata/RHSA-2024:1508
reference_id	RHSA-2024:1508
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1508

reference_url	https://access.redhat.com/errata/RHSA-2024:1537
reference_id	RHSA-2024:1537
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1537

reference_url	https://access.redhat.com/errata/RHSA-2024:1538
reference_id	RHSA-2024:1538
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1538

reference_url	https://access.redhat.com/errata/RHSA-2024:1616
reference_id	RHSA-2024:1616
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1616

reference_url	https://access.redhat.com/errata/RHSA-2024:1765
reference_id	RHSA-2024:1765
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1765

reference_url	https://access.redhat.com/errata/RHSA-2024:1795
reference_id	RHSA-2024:1795
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1795

reference_url	https://access.redhat.com/errata/RHSA-2024:1859
reference_id	RHSA-2024:1859
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1859

reference_url	https://access.redhat.com/errata/RHSA-2024:1874
reference_id	RHSA-2024:1874
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1874

reference_url	https://access.redhat.com/errata/RHSA-2024:1925
reference_id	RHSA-2024:1925
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1925

reference_url	https://access.redhat.com/errata/RHSA-2024:1946
reference_id	RHSA-2024:1946
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:1946

reference_url	https://access.redhat.com/errata/RHSA-2024:2096
reference_id	RHSA-2024:2096
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2096

reference_url	https://access.redhat.com/errata/RHSA-2024:2549
reference_id	RHSA-2024:2549
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2549

reference_url	https://access.redhat.com/errata/RHSA-2024:2550
reference_id	RHSA-2024:2550
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2550

reference_url	https://access.redhat.com/errata/RHSA-2024:2639
reference_id	RHSA-2024:2639
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2639

reference_url	https://access.redhat.com/errata/RHSA-2024:2666
reference_id	RHSA-2024:2666
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2666

reference_url	https://access.redhat.com/errata/RHSA-2024:2773
reference_id	RHSA-2024:2773
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2773

reference_url	https://access.redhat.com/errata/RHSA-2024:2781
reference_id	RHSA-2024:2781
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2781

reference_url	https://access.redhat.com/errata/RHSA-2024:2874
reference_id	RHSA-2024:2874
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2874

reference_url	https://access.redhat.com/errata/RHSA-2024:2901
reference_id	RHSA-2024:2901
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2901

reference_url	https://access.redhat.com/errata/RHSA-2024:3316
reference_id	RHSA-2024:3316
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3316

reference_url	https://access.redhat.com/errata/RHSA-2024:3617
reference_id	RHSA-2024:3617
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3617

reference_url	https://access.redhat.com/errata/RHSA-2024:3621
reference_id	RHSA-2024:3621
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3621

reference_url	https://access.redhat.com/errata/RHSA-2024:3634
reference_id	RHSA-2024:3634
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3634

reference_url	https://access.redhat.com/errata/RHSA-2024:3635
reference_id	RHSA-2024:3635
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3635

reference_url	https://access.redhat.com/errata/RHSA-2024:3636
reference_id	RHSA-2024:3636
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3636

reference_url	https://access.redhat.com/errata/RHSA-2024:3637
reference_id	RHSA-2024:3637
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3637

reference_url	https://access.redhat.com/errata/RHSA-2024:3683
reference_id	RHSA-2024:3683
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3683

reference_url	https://access.redhat.com/errata/RHSA-2024:3715
reference_id	RHSA-2024:3715
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3715

reference_url	https://access.redhat.com/errata/RHSA-2024:3717
reference_id	RHSA-2024:3717
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3717

reference_url	https://access.redhat.com/errata/RHSA-2024:3868
reference_id	RHSA-2024:3868
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:3868

reference_url	https://access.redhat.com/errata/RHSA-2024:4150
reference_id	RHSA-2024:4150
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4150

reference_url	https://access.redhat.com/errata/RHSA-2024:4163
reference_id	RHSA-2024:4163
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4163

reference_url	https://access.redhat.com/errata/RHSA-2024:4246
reference_id	RHSA-2024:4246
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4246

reference_url	https://access.redhat.com/errata/RHSA-2024:4455
reference_id	RHSA-2024:4455
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4455

reference_url	https://access.redhat.com/errata/RHSA-2024:4597
reference_id	RHSA-2024:4597
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4597

reference_url	https://access.redhat.com/errata/RHSA-2024:4626
reference_id	RHSA-2024:4626
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:4626

reference_url	https://access.redhat.com/errata/RHSA-2024:5013
reference_id	RHSA-2024:5013
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5013

reference_url	https://access.redhat.com/errata/RHSA-2024:5054
reference_id	RHSA-2024:5054
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5054

reference_url	https://access.redhat.com/errata/RHSA-2024:5422
reference_id	RHSA-2024:5422
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:5422

reference_url	https://access.redhat.com/errata/RHSA-2024:6004
reference_id	RHSA-2024:6004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6004

reference_url	https://access.redhat.com/errata/RHSA-2024:6221
reference_id	RHSA-2024:6221
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6221

reference_url	https://access.redhat.com/errata/RHSA-2024:6409
reference_id	RHSA-2024:6409
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:6409

reference_url	https://access.redhat.com/errata/RHSA-2024:7184
reference_id	RHSA-2024:7184
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:7184

reference_url	https://access.redhat.com/errata/RHSA-2024:7548
reference_id	RHSA-2024:7548
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:7548

reference_url	https://access.redhat.com/errata/RHSA-2024:8040
reference_id	RHSA-2024:8040
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8040

reference_url	https://access.redhat.com/errata/RHSA-2024:8434
reference_id	RHSA-2024:8434
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8434

reference_url	https://access.redhat.com/errata/RHSA-2024:8676
reference_id	RHSA-2024:8676
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8676

reference_url	https://access.redhat.com/errata/RHSA-2024:8677
reference_id	RHSA-2024:8677
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8677

reference_url	https://access.redhat.com/errata/RHSA-2024:8704
reference_id	RHSA-2024:8704
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:8704

reference_url	https://access.redhat.com/errata/RHSA-2024:9615
reference_id	RHSA-2024:9615
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:9615

reference_url	https://access.redhat.com/errata/RHSA-2025:0654
reference_id	RHSA-2025:0654
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0654

reference_url	https://access.redhat.com/errata/RHSA-2025:0664
reference_id	RHSA-2025:0664
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:0664

reference_url	https://access.redhat.com/errata/RHSA-2025:4204
reference_id	RHSA-2025:4204
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:4204

reference_url	https://access.redhat.com/errata/RHSA-2025:9776
reference_id	RHSA-2025:9776
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2025:9776

reference_url	https://usn.ubuntu.com/6746-1/
reference_id	USN-6746-1
reference_type
scores
url	https://usn.ubuntu.com/6746-1/

reference_url	https://usn.ubuntu.com/6746-2/
reference_id	USN-6746-2
reference_type
scores
url	https://usn.ubuntu.com/6746-2/

Weaknesses

cwe_id	835
name	Loop with Unreachable Exit Condition ('Infinite Loop')
description	The product contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

cwe_id	1286
name	Improper Validation of Syntactic Correctness of Input
description	The product receives input that is expected to be well-formed - i.e., to comply with a certain syntax - but it does not validate or incorrectly validates that the input complies with the syntax.

Exploits

Severity_range_score 4.0 - 7.5

Exploitability 0.5

Weighted_severity 6.8

Risk_score 3.4

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f8ak-21d8-juff

Vulnerability Instance