{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/30534?format=json","vulnerability_id":"VCID-quyf-eq2s-dbda","summary":"Docker Swarm encrypted overlay network traffic may be unencrypted\n[Moby](https://mobyproject.org/) is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component (`dockerd`), which is developed as [moby/moby](https://github.com/moby/moby), is commonly referred to as *Docker*.\n\nSwarm Mode, which is compiled in and delivered by default in `dockerd` and is thus present in most major Moby downstreams, is a simple, built-in container orchestrator that is implemented through a combination of [SwarmKit](https://github.com/moby/swarmkit) and supporting network code.\n\nThe `overlay` network driver is a core feature of Swarm Mode, providing isolated virtual LANs that allow communication between containers and services across the cluster. This driver is an implementation/user of [VXLAN](https://en.wikipedia.org/wiki/Virtual_Extensible_LAN), which encapsulates link-layer (Ethernet) frames in UDP datagrams that tag the frame with a VXLAN Network ID (VNI) that identifies the originating overlay network. In addition, the overlay network driver supports an optional, off-by-default encrypted mode, which is especially useful when VXLAN packets traverse an untrusted network between nodes.\n\nEncrypted overlay networks function by encapsulating the VXLAN datagrams through the use of the [IPsec Encapsulating Security Payload](https://en.wikipedia.org/wiki/IPsec#Encapsulating_Security_Payload) protocol in [Transport mode](https://en.wikipedia.org/wiki/IPsec#Transport_mode). 
By deploying IPsec encapsulation, encrypted overlay networks gain the additional properties of source authentication through cryptographic proof, data integrity through check-summing, and confidentiality through encryption.\n\nWhen setting an endpoint up on an encrypted overlay network, Moby installs three [iptables](https://www.netfilter.org/projects/iptables/index.html) (Linux kernel firewall) rules that enforce both incoming and outgoing IPsec. These rules rely on the `u32` iptables extension provided by the `xt_u32` kernel module to directly filter on a VXLAN packet's VNI field, so that IPsec guarantees can be enforced on encrypted overlay networks without interfering with other overlay networks or other users of VXLAN.\n\nAn [iptables rule](https://github.com/moby/libnetwork/blob/d9fae4c73daf76c3b0f77e14b45b8bf612ba764d/drivers/overlay/encryption.go#L205-L207) designates outgoing VXLAN datagrams with a VNI that corresponds to an encrypted overlay network for IPsec encapsulation.\n\nOn Red Hat Enterprise Linux and derivatives such as CentOS and Rocky, the `xt_u32` module has been:\n* [moved to the kernel-modules-extra package and no longer installed by default in RHEL 8.3](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/rhel-8-3-0-release#technology-preview_networking)\n* [officially deprecated in RHEL 8.6](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.6_release_notes/deprecated_functionality#deprecated-functionality_networking)\n* [removed completely in RHEL 9](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/considerations_in_adopting_rhel_9/assembly_networking_considerations-in-adopting-rhel-9#ref_firewall-networking_assembly_networking)\n\nThis rule is not created when `xt_u32` is unavailable, even though the container is still attached to the network.\n\n## Impact\nEncrypted overlay networks on affected platforms silently transmit unencrypted 
data. As a result, `overlay` networks may appear to be functional, passing traffic as expected, but without any of the expected confidentiality or data integrity guarantees.\n\nIt is possible for an attacker sitting in a trusted position on the network to read all of the application traffic that is moving across the overlay network, resulting in unexpected secrets or user data disclosure. Thus, because many database protocols, internal APIs, etc. are not protected by a second layer of encryption, a user may rely on Swarm encrypted overlay networks to provide confidentiality, which due to this vulnerability is no longer guaranteed.\n\n## Patches\nPatches are available in Moby releases 23.0.3 and 20.10.24. As Mirantis Container Runtime's 20.10 releases are numbered differently, users of that platform should update to 20.10.16.\n\n## Workarounds\n* Close the VXLAN port (by default, UDP port 4789) to outgoing traffic at the Internet boundary (see [GHSA-vwm3-crmr-xfxw](https://github.com/moby/moby/security/advisories/GHSA-vwm3-crmr-xfxw)) in order to prevent unintentionally leaking unencrypted traffic over the Internet.\n* Ensure that the `xt_u32` kernel module is available on all nodes of the Swarm cluster.\n\n## Background\n* [#43382](https://github.com/moby/moby/issues/43382) partially discussed this concern, but did not consider the security implications.\n* Mirantis FIELD-5788 essentially duplicates [#43382](https://github.com/moby/moby/issues/43382), and was created six months earlier; it similarly overlooked the security implications.\n* [#45118](https://github.com/moby/moby/pull/45118) is the ancestor of the final patches, and was where the security implications were discovered.\n\n## Related\n* [CVE-2023-28840: Encrypted overlay network may be unauthenticated](https://github.com/moby/moby/security/advisories/GHSA-232p-vwff-86mp)\n* [CVE-2023-28842: Encrypted overlay network with a single endpoint is 
unauthenticated](https://github.com/moby/moby/security/advisories/GHSA-6wrf-mxfj-pf5p)\n* [GHSA-vwm3-crmr-xfxw: The Swarm VXLAN port may be exposed to attack due to ambiguous documentation](https://github.com/moby/moby/security/advisories/GHSA-vwm3-crmr-xfxw)\n* [GHSA-gvm4-2qqg-m333: Security issues in encrypted overlay networks](https://github.com/moby/libnetwork/security/advisories/GHSA-gvm4-2qqg-m333) (libnetwork)","aliases":[{"alias":"CVE-2023-28841"},{"alias":"GHSA-33pg-m6jh-5237"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/485950?format=json","purl":"pkg:apk/alpine/docker@20.10.24-r0?arch=ppc64le&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@20.10.24-r0%3Farch=ppc64le&distroversion=v3.17&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/485952?format=json","purl":"pkg:apk/alpine/docker@20.10.24-r0?arch=x86&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@20.10.24-r0%3Farch=x86&distroversion=v3.17&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/485953?format=json","purl":"pkg:apk/alpine/docker@20.10.24-r0?arch=x86_64&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@20.10.24-r0%3Farch=x86_64&distroversion=v3.17&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/485949?format=json","purl":"pkg:apk/alpine/docker@20.10.24-r0?arch=armv7&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@20.10.24-r0%3Farch=armv7&distroversion=v3.17&reponame=community"},{"url":"http://
public2.vulnerablecode.io/api/packages/485948?format=json","purl":"pkg:apk/alpine/docker@20.10.24-r0?arch=armhf&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@20.10.24-r0%3Farch=armhf&distroversion=v3.17&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/485951?format=json","purl":"pkg:apk/alpine/docker@20.10.24-r0?arch=s390x&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@20.10.24-r0%3Farch=s390x&distroversion=v3.17&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/485947?format=json","purl":"pkg:apk/alpine/docker@20.10.24-r0?arch=aarch64&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@20.10.24-r0%3Farch=aarch64&distroversion=v3.17&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/403550?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=x86_64&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=x86_64&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/419738?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=loongarch64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=loongarch64&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/446482?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=armhf&distroversion=v3.19&reponame=community",
"is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=armhf&distroversion=v3.19&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/475985?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=x86_64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=x86_64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/476803?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=armhf&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=armhf&distroversion=v3.18&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/475980?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=loongarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=loongarch64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/403542?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=aarch64&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=aarch64&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/431802?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=x86_64&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=x86_64&distro
version=v3.20&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/446481?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=aarch64&distroversion=v3.19&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=aarch64&distroversion=v3.19&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/446485?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=s390x&distroversion=v3.19&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=s390x&distroversion=v3.19&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/475977?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=aarch64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/475978?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=armhf&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=armhf&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/476804?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=armv7&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=armv7&distroversion=v3.18&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/476806?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=s390x&distroversion=v3
.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=s390x&distroversion=v3.18&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/403549?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=x86&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=x86&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/431800?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=s390x&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=s390x&distroversion=v3.20&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/431801?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=x86&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=x86&distroversion=v3.20&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/419743?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=x86_64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=x86_64&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/431797?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=armv7&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=armv7&dist
roversion=v3.20&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/475981?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=ppc64le&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=ppc64le&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/475982?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=riscv64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=riscv64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/476805?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=ppc64le&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=ppc64le&distroversion=v3.18&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/489241?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=ppc64le&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=ppc64le&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/403547?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=riscv64&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=riscv64&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/403548?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=s390x&di
stroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=s390x&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/419736?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=armhf&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=armhf&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/419737?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=armv7&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=armv7&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/419739?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=ppc64le&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=ppc64le&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/419742?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=x86&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=x86&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/431795?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=aarch64&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.
3-r0%3Farch=aarch64&distroversion=v3.20&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/431796?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=armhf&distroversion=v3.20&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/431798?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=ppc64le&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/446483?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=armv7&distroversion=v3.19&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=armv7&distroversion=v3.19&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/446484?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=ppc64le&distroversion=v3.19&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=ppc64le&distroversion=v3.19&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/475979?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=armv7&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=armv7&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/475984?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0
?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=x86&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/476802?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=aarch64&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=aarch64&distroversion=v3.18&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/489238?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=armhf&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=armhf&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/489240?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=loongarch64&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/489242?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=riscv64&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=riscv64&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/489243?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=s390x&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/p
kg:apk/alpine/docker@23.0.3-r0%3Farch=s390x&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/489245?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=x86_64&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=x86_64&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/403543?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=armhf&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=armhf&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/403544?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=armv7&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/403545?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=loongarch64&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=loongarch64&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/403546?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=ppc64le&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/489239?format=json","pu
rl":"pkg:apk/alpine/docker@23.0.3-r0?arch=armv7&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=armv7&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/419735?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=aarch64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=aarch64&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/419740?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=riscv64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=riscv64&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/419741?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=s390x&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=s390x&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/431799?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=riscv64&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=riscv64&distroversion=v3.20&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/446486?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=x86&distroversion=v3.19&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://publ
ic2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=x86&distroversion=v3.19&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/446487?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=x86_64&distroversion=v3.19&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=x86_64&distroversion=v3.19&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/475983?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=s390x&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=s390x&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/476807?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=x86&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=x86&distroversion=v3.18&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/476808?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=x86_64&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=x86_64&distroversion=v3.18&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/489237?format=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=aarch64&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=aarch64&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/489244?fo
rmat=json","purl":"pkg:apk/alpine/docker@23.0.3-r0?arch=x86&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/docker@23.0.3-r0%3Farch=x86&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/582637?format=json","purl":"pkg:deb/debian/docker.io@20.10.24%2Bdfsg1-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/docker.io@20.10.24%252Bdfsg1-1"},{"url":"http://public2.vulnerablecode.io/api/packages/921997?format=json","purl":"pkg:deb/debian/docker.io@20.10.24%2Bdfsg1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/docker.io@20.10.24%252Bdfsg1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582264?format=json","purl":"pkg:deb/debian/docker.io@20.10.24%2Bdfsg1-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sky-21r5-3qcu"},{"vulnerability":"VCID-6tg9-3vhh-muae"},{"vulnerability":"VCID-8e1u-z6kg-ryhc"},{"vulnerability":"VCID-b2qe-8u58-2qck"},{"vulnerability":"VCID-njcw-wc13-dqcz"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/docker.io@20.10.24%252Bdfsg1-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582265?format=json","purl":"pkg:deb/debian/docker.io@26.1.5%2Bdfsg1-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/docker.io@26.1.5%252Bdfsg1-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582266?format=json","purl":"pkg:deb/debian/docker.io@28.5.2%2Bdfsg3-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/pa
ckages/pkg:deb/debian/docker.io@28.5.2%252Bdfsg3-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081511?format=json","purl":"pkg:deb/debian/docker.io@28.5.2%2Bdfsg4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/docker.io@28.5.2%252Bdfsg4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/84650?format=json","purl":"pkg:ebuild/app-containers/docker@25.0.4","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-containers/docker@25.0.4"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/582263?format=json","purl":"pkg:deb/debian/docker.io@20.10.5%2Bdfsg1-1%2Bdeb11u2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sky-21r5-3qcu"},{"vulnerability":"VCID-6tg9-3vhh-muae"},{"vulnerability":"VCID-8e1u-z6kg-ryhc"},{"vulnerability":"VCID-avqu-wswg-c3ga"},{"vulnerability":"VCID-b2qe-8u58-2qck"},{"vulnerability":"VCID-bzeb-kj67-vfds"},{"vulnerability":"VCID-e82r-vc77-f7bz"},{"vulnerability":"VCID-njcw-wc13-dqcz"},{"vulnerability":"VCID-quyf-eq2s-dbda"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/docker.io@20.10.5%252Bdfsg1-1%252Bdeb11u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/582636?format=json","purl":"pkg:deb/debian/docker.io@20.10.5%2Bdfsg1-1%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1sky-21r5-3qcu"},{"vulnerability":"VCID-41ft-14gt-bbbq"},{"vulnerability":"VCID-6tg9-3vhh-muae"},{"vulnerability":"VCID-8e1u-z6kg-ryhc"},{"vulnerability":"VCID-avqu-wswg-c3ga"},{"vulnerability":"VCID-b2qe-8u58-2qck"},{"vulnerability":"VCID-bzeb-kj67-vfds"},{"vulnerability":"VCID-e82r-vc77-f7bz"},{"vulnerability":"VCID-njcw-wc13-dqcz"},{"vulnerability":"VCID-quyf-eq2s-dbda"}],"resource_url":"http://public2.v
ulnerablecode.io/packages/pkg:deb/debian/docker.io@20.10.5%252Bdfsg1-1%252Bdeb11u2"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28841.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28841.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28841","reference_id":"","reference_type":"","scores":[{"value":"0.02956","scoring_system":"epss","scoring_elements":"0.86435","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02956","scoring_system":"epss","scoring_elements":"0.86417","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03129","scoring_system":"epss","scoring_elements":"0.86863","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03129","scoring_system":"epss","scoring_elements":"0.86877","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03129","scoring_system":"epss","scoring_elements":"0.86876","published_at":"2026-04-18T12:55:00Z"},{"value":"0.03129","scoring_system":"epss","scoring_elements":"0.86871","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03129","scoring_system":"epss","scoring_elements":"0.86854","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03129","scoring_system":"epss","scoring_elements":"0.86859","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03129","scoring_system":"epss","scoring_elements":"0.8685","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03129","scoring_system":"epss","scoring_elements":"0.86841","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03129","scoring_system":"epss","scoring_elements":"0.86821","published_at":"2026-04-07T12:55:00Z"},{"value":"0.04189","scoring_system":"epss","scoring_elements":"0.88745","published_at":"2026-04-24T12:55:00Z"},{"value":"0.04189","scoring_system":"epss","scoring_elements":"0.88751","published_at":"2026-04-29T12:55:00Z"},{"va
lue":"0.04189","scoring_system":"epss","scoring_elements":"0.88761","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28841"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28841","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28841"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/moby/libnetwork/blob/d9fae4c73daf76c3b0f77e14b45b8bf612ba764d/drivers/overlay/encryption.go#L205-L207","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T21:32:19Z/"}],"url":"https://github.com/moby/libnetwork/blob/d9fae4c73daf76c3b0f77e14b45b8bf612ba764d/drivers/overlay/encryption.go#L205-L207"},{"reference_url":"https://github.com/moby/libnetwork/security/advisories/GHSA-gvm4-2qqg-m333","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T21:32:19Z/"}],"url":"https://github.com/moby/libnetwork/security/advisories/GHSA-gvm4-2qqg-m333"},{"reference_url":"https://github.com/moby/moby","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1"
,"scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/moby/moby"},{"reference_url":"https://github.com/moby/moby/issues/43382","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T21:32:19Z/"}],"url":"https://github.com/moby/moby/issues/43382"},{"reference_url":"https://github.com/moby/moby/pull/45118","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T21:32:19Z/"}],"url":"https://github.com/moby/moby/pull/45118"},{"reference_url":"https://github.com/moby/moby/security/advisories/GHSA-232p-vwff-86mp","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T21:32:19Z/"}],"url":"https://github.com/moby/moby/security/advisories/GHSA-232p-vwff-86mp"},{"reference_url":"https://github.com/moby/moby/security/advisories/GHSA-33pg-m6jh-5237","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":
"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T21:32:19Z/"}],"url":"https://github.com/moby/moby/security/advisories/GHSA-33pg-m6jh-5237"},{"reference_url":"https://github.com/moby/moby/security/advisories/GHSA-6wrf-mxfj-pf5p","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T21:32:19Z/"}],"url":"https://github.com/moby/moby/security/advisories/GHSA-6wrf-mxfj-pf5p"},{"reference_url":"https://github.com/moby/moby/security/advisories/GHSA-vwm3-crmr-xfxw","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T21:32:19Z/"}],"url":"https://github.com/moby/moby/security/advisories/GHSA-vwm3-crmr-xfxw"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-28841","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-28841"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2184685","reference_id":"2184685","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2184685"},{"reference_url":"https://security.gentoo.org/glsa/202409-29","reference_id":"GLSA-202409-29","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-29"},{"reference_url":"https://lists.fedoraproject.org/archives/li
st/package-announce@lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC/","reference_id":"LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T21:32:19Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LYZOKMMVX4SIEHPJW3SJUQGMO5YZCPHC/"},{"reference_url":"https://usn.ubuntu.com/7474-1/","reference_id":"USN-7474-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7474-1/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE/","reference_id":"XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T21:32:19Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XNF4OLYZRQE75EB5TW5N42FSXHBXGWFE/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI/","reference_id":"ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-10T21:32:19Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZTE4ITXXPIWZEQ4HYQCB6N6GZIMWXDAI/"}],"weaknesses":[{"cwe_id":311,"name":"Missing Encryption of Sensitive Data","description":"The product does not encrypt 
sensitive or critical information before storage or transmission."},{"cwe_id":636,"name":"Not Failing Securely ('Failing Open')","description":"When the product encounters an error condition or failure, its design requires it to fall back to a state that is less secure than other options that are available, such as selecting the weakest encryption algorithm or using the most permissive access control restrictions."},{"cwe_id":200,"name":"Exposure of Sensitive Information to an Unauthorized Actor","description":"The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information."}],"exploits":[],"severity_range_score":"4.0 - 6.9","exploitability":"0.5","weighted_severity":"6.2","risk_score":3.1,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-quyf-eq2s-dbda"}