{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/29648?format=json","vulnerability_id":"VCID-wxsf-mu1t-aqa4","summary":"runc container escape and denial of service due to arbitrary write gadgets and procfs write redirects\n### Impact ###\n\nThis attack is primarily a more sophisticated version of CVE-2019-19921, which was a flaw which allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy `tmpfs` file and thus not apply the correct LSM labels to the container process. The mitigation runc applied for CVE-2019-19921 was fairly limited and effectively only caused runc to verify that when runc writes LSM labels that those labels are actual procfs files.\n\nRather than using a fake `tmpfs` file for `/proc/self/attr/<label>`, an attacker could instead (through various means) make `/proc/self/attr/<label>` reference a real `procfs` file, but one that would still be a no-op (such as `/proc/self/sched`). This would have the same effect but would clear the \"is a procfs file\" check. Runc is aware that this kind of attack would be possible (even going so far as to discuss this publicly as \"future work\" at conferences), and runc is working on a far more comprehensive mitigation of this attack, but this security issue was disclosed before runc could complete this work.\n\nIn all known versions of runc, an attacker can trick runc into misdirecting writes to `/proc` to other procfs files through the use of a racing container with shared mounts (runc has also verified this attack is possible to exploit using a standard Dockerfile with `docker buildx build` as that also permits triggering parallel execution of containers with custom shared mounts configured). This redirect could be through symbolic links in a `tmpfs` or theoretically other methods such as regular bind-mounts.\n\nNote that while `/proc/self/attr/<label>` was the example used above (which is LSM-specific), this issue affect all writes to `/proc` in runc and thus also affects sysctls (written to `/proc/sys/...`) and some other APIs.\n\n#### Additional Impacts ####\n\nWhile investigating this issue, runc discovered that another risk with these redirected writes is that they could be redirected to dangerous files such as `/proc/sysrq-trigger` rather than just no-op files like `/proc/self/sched`. For instance, the default AppArmor profile name in Docker is `docker-default`, which when written to `/proc/sysrq-trigger` would cause the host system to crash.\n\nWhen this was discovered, runc conducted an audit of other write operations within runc and found several possible areas where runc could be used as a semi-arbitrary write gadget when combined with the above race attacks. The most concerning attack scenario was the configuration of sysctls. Because the contents of the sysctl are free-form text, an attacker could use a misdirected write to write to `/proc/sys/kernel/core_pattern` and break out of the container (as described in CVE-2025-31133, kernel upcalls are not namespaced and so coredump helpers will run with complete root privileges on the host). Even if the attacker cannot configure custom sysctls, a valid sysctl string (when redirected to `/proc/sysrq-trigger`) can easily cause the machine to hang.\n\nNote that the fact that this attack allows you to disable LSM labels makes it a very useful attack to combine with CVE-2025-31133 (as one of the only mitigations available to most users for that issue is AppArmor, and this attack would let you bypass that). However, the misdirected write issue above means that you could also achieve most of the same goals without needing to chain together attacks.\n\n### Patches ###\n\nThis advisory is being published as part of a set of three advisories:\n\n  * CVE-2025-31133\n  * CVE-2025-52881\n  * CVE-2025-52565\n\nThe patches fixing this issue have accordingly been combined into a single patchset. The following patches from that patchset resolve the issues in this advisory:\n\n * db19bbed5348 (\"internal/sys: add VerifyInode helper\")\n * 6fc191449109 (\"internal: move utils.MkdirAllInRoot to internal/pathrs\")\n * ff94f9991bd3 (\"*: switch to safer securejoin.Reopen\")\n * 44a0fcf685db (\"go.mod: update to github.com/cyphar/filepath-securejoin@v0.5.0\")\n * 77889b56db93 (\"internal: add wrappers for securejoin.Proc*\")\n * fdcc9d3cad2f (\"apparmor: use safe procfs API for labels\")\n * ff6fe1324663 (\"utils: use safe procfs for /proc/self/fd loop code\")\n * b3dd1bc562ed (\"utils: remove unneeded EnsureProcHandle\")\n * 77d217c7c377 (\"init: write sysctls using safe procfs API\")\n * 435cc81be6b7 (\"init: use securejoin for /proc/self/setgroups\")\n * d61fd29d854b (\"libct/system: use securejoin for /proc/$pid/stat\")\n * 4b37cd93f86e (\"libct: align param type for mountCgroupV1/V2 functions\")\n * d40b3439a961 (\"rootfs: switch to fd-based handling of mountpoint targets\")\n * ed6b1693b8b3 (\"selinux: use safe procfs API for labels\")\n   - Please note that this patch includes a private patch for `github.com/opencontainers/selinux` that could not be made public through a public pull request (as it would necessarily disclose this embargoed security issue).\n\n     The patch includes a complete copy of the forked code and a `replace` directive (as well as `go mod vendor` applied), which should still work with downstream build systems. If you cannot apply this patch, you can safely drop it -- some of the other patches in this series should block these kinds of racing mount attacks entirely.\n\n     See https://github.com/opencontainers/selinux/pull/237 for the upstream patch.\n * 3f925525b44d (\"rootfs: re-allow dangling symlinks in mount targets\")\n * a41366e74080 (\"openat2: improve resilience on busy systems\")\n\nrunc 1.2.8, 1.3.3, and 1.4.0-rc.3 have been released and all contain fixes for these issues. As per [runc's new release model][RELEASES.md], runc 1.1.x and earlier are no longer supported and thus have not been patched.\n\n[CVE-2025-31133]: https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2\n[CVE-2025-52565]: https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r\n[CVE-2025-52881]: https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm\n[RELEASES.md]: https://github.com/opencontainers/runc/blob/v1.4.0-rc.2/RELEASES.md\n\n### Mitigations ###\n\n * Do not run untrusted container images from unknown or unverified sources.\n\n * For the basic no-op attack, this attack allows a container process to run with the same LSM labels as `runc`. For most AppArmor deployments this means it will be `unconfined`, and for SELinux it will likely be `container_runtime_t`. Runc has not conducted in-depth testing of the impact on SELinux -- it is possible that it provides some reasonable protection but it seems likely that an attacker could cause harm to systems even with such an SELinux setup.\n\n * For the more involved redirect and write gadget attacks, unfortunately most LSM profiles (including the standard container-selinux profiles) provide the container runtime access to sysctl files (including `/proc/sysrq-trigger`) and so LSMs likely do not provide much protection against these attacks.\n\n * Using rootless containers provides some protection against these kinds of bugs (privileged writes in runc being redirected) -- by having runc itself be an unprivileged process, in general you would expect the impact scope of a runc bug to be less severe as it would only have the privileges afforded to the host user which spawned runc. For this particular bug, the privilege escalation caused by the inadvertent write issue is entirely mitigated with rootless containers because the unprivileged user that the `runc` process is executing as cannot write to the aforementioned procfs files (even intentionally).\n\n### Other Runtimes ###\n\nAs this vulnerability boils down to a fairly easy-to-make logic bug, runc has provided information to other OCI (crun, youki) and non-OCI (LXC) container runtimes about this vulnerability.\n\nBased on discussions with other runtimes, it seems that crun and youki may have similar security issues and will release a co-ordinated security release along with runc. LXC appears to use the host's `/proc` for all procfs operations, and so is likely not vulnerable to this issue (this is a trade-off -- runc uses the container's procfs to avoid CVE-2016-9962-style attacks).\n\n[CVE-2016-9962]: https://seclists.org/fulldisclosure/2017/Jan/21\n\n### Credits ###\n\nThanks to Li Fubang (@lifubang from acmcoder.com, CIIC) and Tõnis Tiigi (@tonistiigi from Docker) for both independently discovering this vulnerability, as well as Aleksa Sarai (@cyphar from SUSE) for the original research into this class of security issues and solutions.\n\nAdditional thanks go to Tõnis Tiigi for finding some very useful exploit templates for these kinds of race attacks using `docker buildx build`.","aliases":[{"alias":"CVE-2025-52881"},{"alias":"GHSA-cgrx-mc8f-2prm"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/566456?format=json","purl":"pkg:apk/alpine/buildah@1.41.6-r0?arch=armv7&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.41.6-r0%3Farch=armv7&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/566455?format=json","purl":"pkg:apk/alpine/buildah@1.41.6-r0?arch=armhf&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.41.6-r0%3Farch=armhf&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/566457?format=json","purl":"pkg:apk/alpine/buildah@1.41.6-r0?arch=loongarch64&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.41.6-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/566458?format=json","purl":"pkg:apk/alpine/buildah@1.41.6-r0?arch=ppc64le&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.41.6-r0%3Farch=ppc64le&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/566461?format=json","purl":"pkg:apk/alpine/buildah@1.41.6-r0?arch=x86&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.41.6-r0%3Farch=x86&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/566459?format=json","purl":"pkg:apk/alpine/buildah@1.41.6-r0?arch=riscv64&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.41.6-r0%3Farch=riscv64&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/566460?format=json","purl":"pkg:apk/alpine/buildah@1.41.6-r0?arch=s390x&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.41.6-r0%3Farch=s390x&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/566462?format=json","purl":"pkg:apk/alpine/buildah@1.41.6-r0?arch=x86_64&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.41.6-r0%3Farch=x86_64&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/566454?format=json","purl":"pkg:apk/alpine/buildah@1.41.6-r0?arch=aarch64&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.41.6-r0%3Farch=aarch64&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/973111?format=json","purl":"pkg:apk/alpine/buildah@1.42.1-r0?arch=armhf&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.42.1-r0%3Farch=armhf&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/540497?format=json","purl":"pkg:apk/alpine/buildah@1.42.1-r0?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.42.1-r0%3Farch=x86&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/973118?format=json","purl":"pkg:apk/alpine/buildah@1.42.1-r0?arch=x86_64&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.42.1-r0%3Farch=x86_64&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/540491?format=json","purl":"pkg:apk/alpine/buildah@1.42.1-r0?arch=armhf&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.42.1-r0%3Farch=armhf&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/540493?format=json","purl":"pkg:apk/alpine/buildah@1.42.1-r0?arch=loongarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.42.1-r0%3Farch=loongarch64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/540498?format=json","purl":"pkg:apk/alpine/buildah@1.42.1-r0?arch=x86_64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.42.1-r0%3Farch=x86_64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/540492?format=json","purl":"pkg:apk/alpine/buildah@1.42.1-r0?arch=armv7&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.42.1-r0%3Farch=armv7&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/540494?format=json","purl":"pkg:apk/alpine/buildah@1.42.1-r0?arch=ppc64le&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.42.1-r0%3Farch=ppc64le&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/540495?format=json","purl":"pkg:apk/alpine/buildah@1.42.1-r0?arch=riscv64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.42.1-r0%3Farch=riscv64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/540496?format=json","purl":"pkg:apk/alpine/buildah@1.42.1-r0?arch=s390x&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.42.1-r0%3Farch=s390x&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/973112?format=json","purl":"pkg:apk/alpine/buildah@1.42.1-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.42.1-r0%3Farch=armv7&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/973113?format=json","purl":"pkg:apk/alpine/buildah@1.42.1-r0?arch=loongarch64&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.42.1-r0%3Farch=loongarch64&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/973114?format=json","purl":"pkg:apk/alpine/buildah@1.42.1-r0?arch=ppc64le&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.42.1-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/973115?format=json","purl":"pkg:apk/alpine/buildah@1.42.1-r0?arch=riscv64&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.42.1-r0%3Farch=riscv64&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/973116?format=json","purl":"pkg:apk/alpine/buildah@1.42.1-r0?arch=s390x&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.42.1-r0%3Farch=s390x&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/973117?format=json","purl":"pkg:apk/alpine/buildah@1.42.1-r0?arch=x86&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.42.1-r0%3Farch=x86&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/540490?format=json","purl":"pkg:apk/alpine/buildah@1.42.1-r0?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.42.1-r0%3Farch=aarch64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/973110?format=json","purl":"pkg:apk/alpine/buildah@1.42.1-r0?arch=aarch64&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/buildah@1.42.1-r0%3Farch=aarch64&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/1028506?format=json","purl":"pkg:apk/alpine/podman@5.6.2-r1?arch=armhf&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podman@5.6.2-r1%3Farch=armhf&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/1028509?format=json","purl":"pkg:apk/alpine/podman@5.6.2-r1?arch=ppc64le&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podman@5.6.2-r1%3Farch=ppc64le&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/1028510?format=json","purl":"pkg:apk/alpine/podman@5.6.2-r1?arch=riscv64&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podman@5.6.2-r1%3Farch=riscv64&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/1028511?format=json","purl":"pkg:apk/alpine/podman@5.6.2-r1?arch=s390x&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podman@5.6.2-r1%3Farch=s390x&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/1028512?format=json","purl":"pkg:apk/alpine/podman@5.6.2-r1?arch=x86&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podman@5.6.2-r1%3Farch=x86&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/1028505?format=json","purl":"pkg:apk/alpine/podman@5.6.2-r1?arch=aarch64&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podman@5.6.2-r1%3Farch=aarch64&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/1028507?format=json","purl":"pkg:apk/alpine/podman@5.6.2-r1?arch=armv7&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podman@5.6.2-r1%3Farch=armv7&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/1028508?format=json","purl":"pkg:apk/alpine/podman@5.6.2-r1?arch=loongarch64&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podman@5.6.2-r1%3Farch=loongarch64&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/1028513?format=json","purl":"pkg:apk/alpine/podman@5.6.2-r1?arch=x86_64&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podman@5.6.2-r1%3Farch=x86_64&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/414759?format=json","purl":"pkg:apk/alpine/podman@5.7.0-r0?arch=loongarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podman@5.7.0-r0%3Farch=loongarch64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/414760?format=json","purl":"pkg:apk/alpine/podman@5.7.0-r0?arch=ppc64le&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podman@5.7.0-r0%3Farch=ppc64le&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/414763?format=json","purl":"pkg:apk/alpine/podman@5.7.0-r0?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podman@5.7.0-r0%3Farch=x86&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/1033610?format=json","purl":"pkg:apk/alpine/podman@5.7.0-r0?arch=armhf&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podman@5.7.0-r0%3Farch=armhf&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/1033615?format=json","purl":"pkg:apk/alpine/podman@5.7.0-r0?arch=s390x&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podman@5.7.0-r0%3Farch=s390x&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/414761?format=json","purl":"pkg:apk/alpine/podman@5.7.0-r0?arch=riscv64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podman@5.7.0-r0%3Farch=riscv64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/414762?format=json","purl":"pkg:apk/alpine/podman@5.7.0-r0?arch=s390x&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podman@5.7.0-r0%3Farch=s390x&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/1033609?format=json","purl":"pkg:apk/alpine/podman@5.7.0-r0?arch=aarch64&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podman@5.7.0-r0%3Farch=aarch64&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/1033612?format=json","purl":"pkg:apk/alpine/podman@5.7.0-r0?arch=loongarch64&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podman@5.7.0-r0%3Farch=loongarch64&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/1033613?format=json","purl":"pkg:apk/alpine/podman@5.7.0-r0?arch=ppc64le&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podman@5.7.0-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/1033614?format=json","purl":"pkg:apk/alpine/podman@5.7.0-r0?arch=riscv64&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podman@5.7.0-r0%3Farch=riscv64&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/1033616?format=json","purl":"pkg:apk/alpine/podman@5.7.0-r0?arch=x86&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podman@5.7.0-r0%3Farch=x86&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/414758?format=json","purl":"pkg:apk/alpine/podman@5.7.0-r0?arch=armv7&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podman@5.7.0-r0%3Farch=armv7&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/414756?format=json","purl":"pkg:apk/alpine/podman@5.7.0-r0?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podman@5.7.0-r0%3Farch=aarch64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/1033611?format=json","purl":"pkg:apk/alpine/podman@5.7.0-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podman@5.7.0-r0%3Farch=armv7&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/1033617?format=json","purl":"pkg:apk/alpine/podman@5.7.0-r0?arch=x86_64&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podman@5.7.0-r0%3Farch=x86_64&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/414757?format=json","purl":"pkg:apk/alpine/podman@5.7.0-r0?arch=armhf&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podman@5.7.0-r0%3Farch=armhf&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/414764?format=json","purl":"pkg:apk/alpine/podman@5.7.0-r0?arch=x86_64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/podman@5.7.0-r0%3Farch=x86_64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/444232?format=json","purl":"pkg:apk/alpine/runc@1.3.3-r0?arch=armv7&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.3.3-r0%3Farch=armv7&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/444233?format=json","purl":"pkg:apk/alpine/runc@1.3.3-r0?arch=loongarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.3.3-r0%3Farch=loongarch64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/444235?format=json","purl":"pkg:apk/alpine/runc@1.3.3-r0?arch=riscv64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.3.3-r0%3Farch=riscv64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/444237?format=json","purl":"pkg:apk/alpine/runc@1.3.3-r0?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.3.3-r0%3Farch=x86&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/507635?format=json","purl":"pkg:apk/alpine/runc@1.3.3-r0?arch=aarch64&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.3.3-r0%3Farch=aarch64&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/507640?format=json","purl":"pkg:apk/alpine/runc@1.3.3-r0?arch=riscv64&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.3.3-r0%3Farch=riscv64&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/963947?format=json","purl":"pkg:apk/alpine/runc@1.3.3-r0?arch=aarch64&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.3.3-r0%3Farch=aarch64&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/963950?format=json","purl":"pkg:apk/alpine/runc@1.3.3-r0?arch=loongarch64&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.3.3-r0%3Farch=loongarch64&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/963955?format=json","purl":"pkg:apk/alpine/runc@1.3.3-r0?arch=x86_64&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.3.3-r0%3Farch=x86_64&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/444231?format=json","purl":"pkg:apk/alpine/runc@1.3.3-r0?arch=armhf&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.3.3-r0%3Farch=armhf&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/444238?format=json","purl":"pkg:apk/alpine/runc@1.3.3-r0?arch=x86_64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.3.3-r0%3Farch=x86_64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/507636?format=json","purl":"pkg:apk/alpine/runc@1.3.3-r0?arch=armhf&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.3.3-r0%3Farch=armhf&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/507638?format=json","purl":"pkg:apk/alpine/runc@1.3.3-r0?arch=loongarch64&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.3.3-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/507639?format=json","purl":"pkg:apk/alpine/runc@1.3.3-r0?arch=ppc64le&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.3.3-r0%3Farch=ppc64le&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/507641?format=json","purl":"pkg:apk/alpine/runc@1.3.3-r0?arch=s390x&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.3.3-r0%3Farch=s390x&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/507642?format=json","purl":"pkg:apk/alpine/runc@1.3.3-r0?arch=x86&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.3.3-r0%3Farch=x86&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/507643?format=json","purl":"pkg:apk/alpine/runc@1.3.3-r0?arch=x86_64&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.3.3-r0%3Farch=x86_64&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/963948?format=json","purl":"pkg:apk/alpine/runc@1.3.3-r0?arch=armhf&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.3.3-r0%3Farch=armhf&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/444230?format=json","purl":"pkg:apk/alpine/runc@1.3.3-r0?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.3.3-r0%3Farch=aarch64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/444234?format=json","purl":"pkg:apk/alpine/runc@1.3.3-r0?arch=ppc64le&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.3.3-r0%3Farch=ppc64le&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/444236?format=json","purl":"pkg:apk/alpine/runc@1.3.3-r0?arch=s390x&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.3.3-r0%3Farch=s390x&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/507637?format=json","purl":"pkg:apk/alpine/runc@1.3.3-r0?arch=armv7&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.3.3-r0%3Farch=armv7&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/963949?format=json","purl":"pkg:apk/alpine/runc@1.3.3-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.3.3-r0%3Farch=armv7&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/963951?format=json","purl":"pkg:apk/alpine/runc@1.3.3-r0?arch=ppc64le&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.3.3-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/963952?format=json","purl":"pkg:apk/alpine/runc@1.3.3-r0?arch=riscv64&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.3.3-r0%3Farch=riscv64&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/963953?format=json","purl":"pkg:apk/alpine/runc@1.3.3-r0?arch=s390x&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.3.3-r0%3Farch=s390x&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/963954?format=json","purl":"pkg:apk/alpine/runc@1.3.3-r0?arch=x86&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.3.3-r0%3Farch=x86&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/994647?format=json","purl":"pkg:deb/debian/runc@1.0.3%2Bds1-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.3%252Bds1-1"},{"url":"http://public2.vulnerablecode.io/api/packages/938529?format=json","purl":"pkg:deb/debian/runc@1.3.3%2Bds1-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.3.3%252Bds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/994650?format=json","purl":"pkg:deb/debian/runc@1.3.3%2Bds1-2","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.3.3%252Bds1-2"},{"url":"http://public2.vulnerablecode.io/api/packages/938513?format=json","purl":"pkg:deb/debian/runc@1.3.5%2Bds1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.3.5%252Bds1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/70375?format=json","purl":"pkg:golang/github.com/opencontainers/runc@1.2.8","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/opencontainers/runc@1.2.8"},{"url":"http://public2.vulnerablecode.io/api/packages/70376?format=json","purl":"pkg:golang/github.com/opencontainers/runc@1.3.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/opencontainers/runc@1.3.3"},{"url":"http://public2.vulnerablecode.io/api/packages/70377?format=json","purl":"pkg:golang/github.com/opencontainers/runc@1.4.0-rc.3","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/opencontainers/runc@1.4.0-rc.3"},{"url":"http://public2.vulnerablecode.io/api/packages/70382?format=json","purl":"pkg:golang/github.com/opencontainers/selinux@1.13.0","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/opencontainers/selinux@1.13.0"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994646?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mt76-ah1b-s3gc"},{"vulnerability":"VCID-vk37-s4p6-fufm"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"},{"vulnerability":"VCID-x2zb-mehm-ebge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u5"},{"url":"http://public2.vulnerablecode.io/api/packages/938512?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mt76-ah1b-s3gc"},{"vulnerability":"VCID-vk37-s4p6-fufm"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"},{"vulnerability":"VCID-x2zb-mehm-ebge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/994648?format=json","purl":"pkg:deb/debian/runc@1.1.5%2Bds1-1%2Bdeb12u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mt76-ah1b-s3gc"},{"vulnerability":"VCID-vk37-s4p6-fufm"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"},{"vulnerability":"VCID-x2zb-mehm-ebge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.5%252Bds1-1%252Bdeb12u1"},{"url":"http://public2.vulnerablecode.io/api/packages/938510?format=json","purl":"pkg:deb/debian/runc@1.1.5%2Bds1-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mt76-ah1b-s3gc"},{"vulnerability":"VCID-vk37-s4p6-fufm"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"},{"vulnerability":"VCID-x2zb-mehm-ebge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.5%252Bds1-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/994649?format=json","purl":"pkg:deb/debian/runc@1.1.15%2Bds1-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mt76-ah1b-s3gc"},{"vulnerability":"VCID-vk37-s4p6-fufm"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.15%252Bds1-2"},{"url":"http://public2.vulnerablecode.io/api/packages/938514?format=json","purl":"pkg:deb/debian/runc@1.1.15%2Bds1-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mt76-ah1b-s3gc"},{"vulnerability":"VCID-vk37-s4p6-fufm"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.15%252Bds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067305?format=json","purl":"pkg:rpm/redhat/buildah@1:1.26.9-1.el9_0?arch=3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bq3a-psx3-5kh8"},{"vulnerability":"VCID-mvsr-c2yh-mbdq"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/buildah@1:1.26.9-1.el9_0%3Farch=3"},{"url":"http://public2.vulnerablecode.io/api/packages/87939?format=json","purl":"pkg:rpm/redhat/buildah@1:1.29.5-1.el9_2?arch=2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bq3a-psx3-5kh8"},{"vulnerability":"VCID-mvsr-c2yh-mbdq"},{"vulnerability":"VCID-sty6-gwh1-hbcy"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/buildah@1:1.29.5-1.el9_2%3Farch=2"},{"url":"http://public2.vulnerablecode.io/api/packages/88229?format=json","purl":"pkg:rpm/redhat/buildah@2:1.33.12-2.rhaos4.18?arch=el9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/buildah@2:1.33.12-2.rhaos4.18%3Farch=el9"},{"url":"http://public2.vulnerablecode.io/api/packages/88247?format=json","purl":"pkg:rpm/redhat/buildah@2:1.33.12-3.rhaos4.17?arch=el8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/buildah@2:1.33.12-3.rhaos4.17%3Farch=el8"},{"url":"http://public2.vulnerablecode.io/api/packages/88234?format=json","purl":"pkg:rpm/redhat/buildah@2:1.33.12-4.rhaos4.19?arch=el9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/buildah@2:1.33.12-4.rhaos4.19%3Farch=el9"},{"url":"http://public2.vulnerablecode.io/api/packages/88239?format=json","purl":"pkg:rpm/redhat/buildah@2:1.33.13-2.el9_4?arch=1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mvsr-c2yh-mbdq"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/buildah@2:1.33.13-2.el9_4%3Farch=1"},{"url":"http://public2.vulnerablecode.io/api/packages/88232?format=json","purl":"pkg:rpm/redhat/buildah@2:1.39.5-1?arch=el10_0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/buildah@2:1.39.5-1%3Farch=el10_0"},{"url":"http://public2.vulnerablecode.io/api/packages/88233?format=json","purl":"pkg:rpm/redhat/buildah@2:1.39.5-1?arch=el9_6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/buildah@2:1.39.5-1%3Farch=el9_6"},{"url":"http://public2.vulnerablecode.io/api/packages/88238?format=json","purl":"pkg:rpm/redhat/buildah@2:1.41.6-1?arch=el9_7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mvsr-c2yh-mbdq"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/buildah@2:1.41.6-1%3Farch=el9_7"},{"url":"http://public2.vulnerablecode.io/api/packages/88235?format=json","purl":"pkg:rpm/redhat/buildah@2:1.41.6-1?arch=el10_1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mvsr-c2yh-mbdq"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/buildah@2:1.41.6-1%3Farch=el10_1"},{"url":"http://public2.vulnerablecode.io/api/packages/1067306?format=json","purl":"pkg:rpm/redhat/podman@2:4.2.0-6.el9_0?arch=6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bq3a-psx3-5kh8"},{"vulnerability":"VCID-mvsr-c2yh-mbdq"},{"vulnerability":"VCID-sty6-gwh1-hbcy"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/podman@2:4.2.0-6.el9_0%3Farch=6"},{"url":"http://public2.vulnerablecode.io/api/packages/87942?format=json","purl":"pkg:rpm/redhat/podman@2:4.4.1-22.el9_2?arch=5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bq3a-psx3-5kh8"},{"vulnerability":"VCID-mvsr-c2yh-mbdq"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/podman@2:4.4.1-22.el9_2%3Farch=5"},{"url":"http://public2.vulnerablecode.io/api/packages/88230?format=json","purl":"pkg:rpm/redhat/podman@4:4.9.4-19.el9_4?arch=5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mvsr-c2yh-mbdq"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/podman@4:4.9.4-19.el9_4%3Farch=5"},{"url":"http://public2.vulnerablecode.io/api/packages/88240?format=json","purl":"pkg:rpm/redhat/podman@5:5.4.0-15?arch=el9_6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mvsr-c2yh-mbdq"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/podman@5:5.4.0-15%3Farch=el9_6"},{"url":"http://public2.vulnerablecode.io/api/packages/88241?format=json","purl":"pkg:rpm/redhat/podman@6:5.4.0-14?arch=el10_0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mvsr-c2yh-mbdq"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/podman@6:5.4.0-14%3Farch=el10_0"},{"url":"http://public2.vulnerablecode.io/api/packages/88231?format=json","purl":"pkg:rpm/redhat/podman@6:5.6.0-7?arch=el9_7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/podman@6:5.6.0-7%3Farch=el9_7"},{"url":"http://public2.vulnerablecode.io/api/packages/88243?format=json","purl":"pkg:rpm/redhat/podman@7:5.6.0-6?arch=el10_1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/podman@7:5.6.0-6%3Farch=el10_1"},{"url":"http://public2.vulnerablecode.io/api/packages/88245?format=json","purl":"pkg:rpm/redhat/runc@4:1.2.5-3?arch=el9_6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mt76-ah1b-s3gc"},{"vulnerability":"VCID-vk37-s4p6-fufm"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/runc@4:1.2.5-3%3Farch=el9_6"},{"url":"http://public2.vulnerablecode.io/api/packages/1067304?format=json","purl":"pkg:rpm/redhat/runc@4:1.2.9-1?arch=el9_0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bq3a-psx3-5kh8"},{"vulnerability":"VCID-mt76-ah1b-s3gc"},{"vulnerability":"VCID-vk37-s4p6-fufm"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/runc@4:1.2.9-1%3Farch=el9_0"},{"url":"http://public2.vulnerablecode.io/api/packages/87928?format=json","purl":"pkg:rpm/redhat/runc@4:1.2.9-1?arch=el9_4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bq3a-psx3-5kh8"},{"vulnerability":"VCID-mt76-ah1b-s3gc"},{"vulnerability":"VCID-vk37-s4p6-fufm"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/runc@4:1.2.9-1%3Farch=el9_4"},{"url":"http://public2.vulnerablecode.io/api/packages/87935?format=json","purl":"pkg:rpm/redhat/runc@4:1.2.9-1.el9_2?arch=1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-bq3a-psx3-5kh8"},{"vulnerability":"VCID-mt76-ah1b-s3gc"},{"vulnerability":"VCID-vk37-s4p6-fufm"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/runc@4:1.2.9-1.el9_2%3Farch=1"},{"url":"http://public2.vulnerablecode.io/api/packages/88246?format=json","purl":"pkg:rpm/redhat/runc@4:1.2.9-1.rhaos4.16?arch=el8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mt76-ah1b-s3gc"},{"vulnerability":"VCID-vk37-s4p6-fufm"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/runc@4:1.2.9-1.rhaos4.16%3Farch=el8"},{"url":"http://public2.vulnerablecode.io/api/packages/88237?format=json","purl":"pkg:rpm/redhat/runc@4:1.2.9-1.rhaos4.17?arch=el9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mt76-ah1b-s3gc"},{"vulnerability":"VCID-vk37-s4p6-fufm"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/runc@4:1.2.9-1.rhaos4.17%3Farch=el9"},{"url":"http://public2.vulnerablecode.io/api/packages/88236?format=json","purl":"pkg:rpm/redhat/runc@4:1.2.9-1.rhaos4.17?arch=el8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mt76-ah1b-s3gc"},{"vulnerability":"VCID-vk37-s4p6-fufm"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/runc@4:1.2.9-1.rhaos4.17%3Farch=el8"},{"url":"http://public2.vulnerablecode.io/api/packages/88244?format=json","purl":"pkg:rpm/redhat/runc@4:1.2.9-1.rhaos4.18?arch=el8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mt76-ah1b-s3gc"},{"vulnerability":"VCID-vk37-s4p6-fufm"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/runc@4:1.2.9-1.rhaos4.18%3Farch=el8"},{"url":"http://public2.vulnerablecode.io/api/packages/88242?format=json","purl":"pkg:rpm/redhat/runc@4:1.3.0-4?arch=el9_7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mt76-ah1b-s3gc"},{"vulnerability":"VCID-vk37-s4p6-fufm"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/runc@4:1.3.0-4%3Farch=el9_7"}],"references":[{"reference_url":"http://github.com/opencontainers/runc/commit/a41366e74080fa9f26a2cd3544e2801449697322","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"http://github.com/opencontainers/runc/commit/a41366e74080fa9f26a2cd3544e2801449697322"},{"reference_url":"http://github.com/opencontainers/runc/commit/fdcc9d3cad2f85954a241ccb910a61aaa1ef47f3","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"http://github.com/opencontainers/runc/commit/fdcc9d3cad2f85954a241ccb910a61aaa1ef47f3"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-52881.json","reference_id":"","reference_type":"","scores":[{"value":"8.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-52881.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-52881","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02508","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.0252","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03374","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03354","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03349","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03341","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03243","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03281","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03284","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03306","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03335","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03123","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.0447","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00033","scoring_system":"epss","scoring_elements":"0.09595","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-52881"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52881","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-52881"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/opencontainers/runc","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc"},{"reference_url":"https://github.com/opencontainers/runc/blob/v1.4.0-rc.2/RELEASES.md","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/blob/v1.4.0-rc.2/RELEASES.md"},{"reference_url":"https://github.com/opencontainers/runc/commit/3f925525b44d247e390e529e772a0dc0c0bc3557","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/commit/3f925525b44d247e390e529e772a0dc0c0bc3557"},{"reference_url":"https://github.com/opencontainers/runc/commit/435cc81be6b79cdec73b4002c0dae549b2f6ae6d","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/commit/435cc81be6b79cdec73b4002c0dae549b2f6ae6d"},{"reference_url":"https://github.com/opencontainers/runc/commit/44a0fcf685db051c80b8c269812bb177f5802c58","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/commit/44a0fcf685db051c80b8c269812bb177f5802c58"},{"reference_url":"https://github.com/opencontainers/runc/commit/4b37cd93f86e72feac866442988b549b5b7bf3e6","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/commit/4b37cd93f86e72feac866442988b549b5b7bf3e6"},{"reference_url":"https://github.com/opencontainers/runc/commit/6fc191449109ea14bb7d61238f24a33fe08c651f","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/commit/6fc191449109ea14bb7d61238f24a33fe08c651f"},{"reference_url":"https://github.com/opencontainers/runc/commit/77889b56db939c323d29d1130f28f9aea2edb544","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/commit/77889b56db939c323d29d1130f28f9aea2edb544"},{"reference_url":"https://github.com/opencontainers/runc/commit/77d217c7c3775d8ca5af89e477e81568ef4572db","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/commit/77d217c7c3775d8ca5af89e477e81568ef4572db"},{"reference_url":"https://github.com/opencontainers/runc/commit/a41366e74080fa9f26a2cd3544e2801449697322","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc/commit/a41366e74080fa9f26a2cd3544e2801449697322"},{"reference_url":"https://github.com/opencontainers/runc/commit/b3dd1bc562ed9996d1a0f249e056c16624046d28","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/commit/b3dd1bc562ed9996d1a0f249e056c16624046d28"},{"reference_url":"https://github.com/opencontainers/runc/commit/d40b3439a9614a86e87b81a94c6811ec6fa2d7d2","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/commit/d40b3439a9614a86e87b81a94c6811ec6fa2d7d2"},{"reference_url":"https://github.com/opencontainers/runc/commit/d61fd29d854b416feaaf128bf650325cd2182165","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/commit/d61fd29d854b416feaaf128bf650325cd2182165"},{"reference_url":"https://github.com/opencontainers/runc/commit/db19bbed5348847da433faa9d69e9f90192bfa64","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/commit/db19bbed5348847da433faa9d69e9f90192bfa64"},{"reference_url":"https://github.com/opencontainers/runc/commit/ed6b1693b8b3ae7eb0250a7e76fc888cdacf98c1","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/commit/ed6b1693b8b3ae7eb0250a7e76fc888cdacf98c1"},{"reference_url":"https://github.com/opencontainers/runc/commit/fdcc9d3cad2f85954a241ccb910a61aaa1ef47f3","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc/commit/fdcc9d3cad2f85954a241ccb910a61aaa1ef47f3"},{"reference_url":"https://github.com/opencontainers/runc/commit/ff6fe1324663538167eca8b3d3eec61e1bd4fa51","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/commit/ff6fe1324663538167eca8b3d3eec61e1bd4fa51"},{"reference_url":"https://github.com/opencontainers/runc/commit/ff94f9991bd32076c871ef0ad8bc1b763458e480","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/commit/ff94f9991bd32076c871ef0ad8bc1b763458e480"},{"reference_url":"https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2"},{"reference_url":"https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm"},{"reference_url":"https://github.com/opencontainers/runc/security/advisories/GHSA-fh74-hm69-rqjw","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc/security/advisories/GHSA-fh74-hm69-rqjw"},{"reference_url":"https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-06T21:06:59Z/"}],"url":"https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r"},{"reference_url":"https://github.com/opencontainers/selinux/pull/237","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/selinux/pull/237"},{"reference_url":"https://github.com/opencontainers/selinux/releases/tag/v1.13.0","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/selinux/releases/tag/v1.13.0"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-52881","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2025-52881"},{"reference_url":"https://pkg.go.dev/github.com/cyphar/filepath-securejoin/pathrs-lite/procfs","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://pkg.go.dev/github.com/cyphar/filepath-securejoin/pathrs-lite/procfs"},{"reference_url":"https://youtu.be/tGseJW_uBB8","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://youtu.be/tGseJW_uBB8"},{"reference_url":"https://youtu.be/y1PaBzxwRWQ","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://youtu.be/y1PaBzxwRWQ"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120140","reference_id":"1120140","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1120140"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2404715","reference_id":"2404715","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2404715"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19927","reference_id":"RHSA-2025:19927","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:19927"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20957","reference_id":"RHSA-2025:20957","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:20957"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21220","reference_id":"RHSA-2025:21220","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21220"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21232","reference_id":"RHSA-2025:21232","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21232"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21633","reference_id":"RHSA-2025:21633","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21633"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21634","reference_id":"RHSA-2025:21634","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21634"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21702","reference_id":"RHSA-2025:21702","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21702"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21795","reference_id":"RHSA-2025:21795","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21795"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21824","reference_id":"RHSA-2025:21824","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:21824"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22011","reference_id":"RHSA-2025:22011","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22011"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22012","reference_id":"RHSA-2025:22012","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22012"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22030","reference_id":"RHSA-2025:22030","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:22030"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23347","reference_id":"RHSA-2025:23347","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23347"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:23543","reference_id":"RHSA-2025:23543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:23543"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0050","reference_id":"RHSA-2026:0050","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0050"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0315","reference_id":"RHSA-2026:0315","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0315"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0331","reference_id":"RHSA-2026:0331","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0331"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0418","reference_id":"RHSA-2026:0418","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0418"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0424","reference_id":"RHSA-2026:0424","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0424"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0425","reference_id":"RHSA-2026:0425","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0425"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0426","reference_id":"RHSA-2026:0426","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0426"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0676","reference_id":"RHSA-2026:0676","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0676"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0701","reference_id":"RHSA-2026:0701","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0701"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0995","reference_id":"RHSA-2026:0995","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:0995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10703","reference_id":"RHSA-2026:10703","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:10703"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1540","reference_id":"RHSA-2026:1540","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1540"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1730","reference_id":"RHSA-2026:1730","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1730"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:1942","reference_id":"RHSA-2026:1942","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:1942"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2034","reference_id":"RHSA-2026:2034","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2106","reference_id":"RHSA-2026:2106","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2106"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2343","reference_id":"RHSA-2026:2343","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2456","reference_id":"RHSA-2026:2456","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2456"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2681","reference_id":"RHSA-2026:2681","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2681"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2695","reference_id":"RHSA-2026:2695","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2695"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2754","reference_id":"RHSA-2026:2754","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2754"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2762","reference_id":"RHSA-2026:2762","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2762"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2900","reference_id":"RHSA-2026:2900","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2900"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2951","reference_id":"RHSA-2026:2951","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2951"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:2975","reference_id":"RHSA-2026:2975","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:2975"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3391","reference_id":"RHSA-2026:3391","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3391"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3416","reference_id":"RHSA-2026:3416","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3416"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3713","reference_id":"RHSA-2026:3713","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3713"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4185","reference_id":"RHSA-2026:4185","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4215","reference_id":"RHSA-2026:4215","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4215"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4531","reference_id":"RHSA-2026:4531","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4531"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4532","reference_id":"RHSA-2026:4532","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4532"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4533","reference_id":"RHSA-2026:4533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4693","reference_id":"RHSA-2026:4693","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4693"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8325","reference_id":"RHSA-2026:8325","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8325"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:8433","reference_id":"RHSA-2026:8433","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:8433"},{"reference_url":"https://usn.ubuntu.com/7851-1/","reference_id":"USN-7851-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7851-1/"}],"weaknesses":[{"cwe_id":363,"name":"Race Condition Enabling Link Following","description":"The product checks the status of a file or directory before accessing it, which produces a race condition in which the file can be replaced with a link before the access is performed, causing the product to access the wrong file."},{"cwe_id":61,"name":"UNIX Symbolic Link (Symlink) Following","description":"The product, when opening a file or directory, does not sufficiently account for when the file is a symbolic link that resolves to a target outside of the intended control sphere. This could allow an attacker to cause the product to operate on unauthorized files."},{"cwe_id":59,"name":"Improper Link Resolution Before File Access ('Link Following')","description":"The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource."}],"exploits":[],"severity_range_score":"7.0 - 8.9","exploitability":"0.5","weighted_severity":"8.0","risk_score":4.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wxsf-mu1t-aqa4"}