{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/31360?format=json","vulnerability_id":"VCID-seds-dzew-jyfs","summary":"runc AppArmor bypass with symlinked /proc\n### Impact\nIt was found that AppArmor, and potentially SELinux, can be bypassed when `/proc` inside the container is symlinked with a specific mount configuration.\n\n### Patches\nFixed in runc v1.1.5, by prohibiting symlinked `/proc`: https://github.com/opencontainers/runc/pull/3785\n\nThis PR fixes CVE-2023-27561 as well.\n\n### Workarounds\nAvoid using an untrusted container image.","aliases":[{"alias":"CVE-2023-28642"},{"alias":"GHSA-g2j6-57v7-gm8c"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/407006?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=aarch64&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=aarch64&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/407007?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=armhf&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=armhf&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/407008?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=armv7&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=armv7&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/407009?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=loongarch64&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/407014?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=x86_64&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=x86_64&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/408562?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=aarch64&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=aarch64&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/408563?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=armhf&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=armhf&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/408569?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=x86&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=x86&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/408570?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=x86_64&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=x86_64&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/437922?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=aarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=aarch64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/437928?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=s390x&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=s390x&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/437929?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=x86&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=x86&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/437930?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=x86_64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=x86_64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/461233?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=armhf&distroversion=v3.19&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=armhf&distroversion=v3.19&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/461234?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=armv7&distroversion=v3.19&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=armv7&distroversion=v3.19&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/461235?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=ppc64le&distroversion=v3.19&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=ppc64le&distroversion=v3.19&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/461236?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=s390x&distroversion=v3.19&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=s390x&distroversion=v3.19&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/461237?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=x86&distroversion=v3.19&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=x86&distroversion=v3.19&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/482703?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=armhf&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=armhf&distroversion=v3.20&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/482704?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=armv7&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=armv7&distroversion=v3.20&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/482706?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=riscv64&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=riscv64&distroversion=v3.20&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/482707?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=s390x&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=s390x&distroversion=v3.20&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/482708?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=x86&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=x86&distroversion=v3.20&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/482709?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=x86_64&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=x86_64&distroversion=v3.20&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/485989?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=aarch64&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=aarch64&distroversion=v3.18&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/485990?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=armhf&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=armhf&distroversion=v3.18&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/485991?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=armv7&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=armv7&distroversion=v3.18&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/485992?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=ppc64le&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=ppc64le&distroversion=v3.18&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/485993?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=s390x&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=s390x&distroversion=v3.18&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/951580?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=aarch64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=aarch64&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/951581?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=armhf&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=armhf&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/951582?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=armv7&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=armv7&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/951583?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=loongarch64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=loongarch64&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/951584?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=ppc64le&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=ppc64le&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/951585?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=riscv64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=riscv64&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/482705?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=ppc64le&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=ppc64le&distroversion=v3.20&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/407010?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=ppc64le&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=ppc64le&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/407011?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=riscv64&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=riscv64&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/407012?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=s390x&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=s390x&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/407013?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=x86&distroversion=v3.22&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=x86&distroversion=v3.22&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/408564?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=armv7&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/408565?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=loongarch64&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=loongarch64&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/408566?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=ppc64le&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/408567?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=riscv64&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=riscv64&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/408568?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=s390x&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=s390x&distroversion=v3.23&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/437923?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=armhf&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=armhf&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/437924?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=armv7&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=armv7&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/437925?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=loongarch64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=loongarch64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/437926?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=ppc64le&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=ppc64le&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/437927?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=riscv64&distroversion=edge&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=riscv64&distroversion=edge&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/461232?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=aarch64&distroversion=v3.19&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=aarch64&distroversion=v3.19&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/461238?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=x86_64&distroversion=v3.19&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=x86_64&distroversion=v3.19&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/482702?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=aarch64&distroversion=v3.20&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=aarch64&distroversion=v3.20&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/485994?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=x86&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=x86&distroversion=v3.18&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/485995?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=x86_64&distroversion=v3.18&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=x86_64&distroversion=v3.18&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/951586?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=s390x&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=s390x&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/951587?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=x86&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=x86&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/951588?format=json","purl":"pkg:apk/alpine/runc@1.1.4-r0?arch=x86_64&distroversion=v3.21&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.4-r0%3Farch=x86_64&distroversion=v3.21&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/953460?format=json","purl":"pkg:apk/alpine/runc@1.1.5-r0?arch=ppc64le&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.5-r0%3Farch=ppc64le&distroversion=v3.17&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/953461?format=json","purl":"pkg:apk/alpine/runc@1.1.5-r0?arch=s390x&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.5-r0%3Farch=s390x&distroversion=v3.17&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/953462?format=json","purl":"pkg:apk/alpine/runc@1.1.5-r0?arch=x86&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.5-r0%3Farch=x86&distroversion=v3.17&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/953463?format=json","purl":"pkg:apk/alpine/runc@1.1.5-r0?arch=x86_64&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.5-r0%3Farch=x86_64&distroversion=v3.17&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/953457?format=json","purl":"pkg:apk/alpine/runc@1.1.5-r0?arch=aarch64&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.5-r0%3Farch=aarch64&distroversion=v3.17&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/953458?format=json","purl":"pkg:apk/alpine/runc@1.1.5-r0?arch=armhf&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.5-r0%3Farch=armhf&distroversion=v3.17&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/953459?format=json","purl":"pkg:apk/alpine/runc@1.1.5-r0?arch=armv7&distroversion=v3.17&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/runc@1.1.5-r0%3Farch=armv7&distroversion=v3.17&reponame=community"},{"url":"http://public2.vulnerablecode.io/api/packages/994646?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mt76-ah1b-s3gc"},{"vulnerability":"VCID-vk37-s4p6-fufm"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"},{"vulnerability":"VCID-x2zb-mehm-ebge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u5"},{"url":"http://public2.vulnerablecode.io/api/packages/938512?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u5?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mt76-ah1b-s3gc"},{"vulnerability":"VCID-vk37-s4p6-fufm"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"},{"vulnerability":"VCID-x2zb-mehm-ebge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u5%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938525?format=json","purl":"pkg:deb/debian/runc@1.1.5%2Bds1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.5%252Bds1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938510?format=json","purl":"pkg:deb/debian/runc@1.1.5%2Bds1-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mt76-ah1b-s3gc"},{"vulnerability":"VCID-vk37-s4p6-fufm"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"},{"vulnerability":"VCID-x2zb-mehm-ebge"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.5%252Bds1-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938514?format=json","purl":"pkg:deb/debian/runc@1.1.15%2Bds1-2?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-mt76-ah1b-s3gc"},{"vulnerability":"VCID-vk37-s4p6-fufm"},{"vulnerability":"VCID-wxsf-mu1t-aqa4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.1.15%252Bds1-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/938513?format=json","purl":"pkg:deb/debian/runc@1.3.5%2Bds1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.3.5%252Bds1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/74623?format=json","purl":"pkg:ebuild/app-containers/runc@1.1.12","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/app-containers/runc@1.1.12"},{"url":"http://public2.vulnerablecode.io/api/packages/71759?format=json","purl":"pkg:golang/github.com/opencontainers/runc@1.1.5","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:golang/github.com/opencontainers/runc@1.1.5"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1052230?format=json","purl":"pkg:deb/debian/runc@0.1.1%2Bdfsg1-1~bpo8%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-165g-hgmx-nybk"},{"vulnerability":"VCID-3m4n-58pj-mkeb"},{"vulnerability":"VCID-3yvf-q4uj-dbdh"},{"vulnerability":"VCID-7juj-78y7-g7b6"},{"vulnerability":"VCID-997v-f2ds-e3e4"},{"vulnerability":"VCID-9mdg-3961-cybf"},{"vulnerability":"VCID-jc1e-8tt4-xqdn"},{"vulnerability":"VCID-seds-dzew-jyfs"},{"vulnerability":"VCID-tsgr-5mwt-jkeh"},{"vulnerability":"VCID-v2ys-xbn5-guh4"},{"vulnerability":"VCID-zex4-9xyf-6yf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@0.1.1%252Bdfsg1-1~bpo8%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1052231?format=json","purl":"pkg:deb/debian/runc@0.1.1%2Bdfsg1-2%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3m4n-58pj-mkeb"},{"vulnerability":"VCID-3yvf-q4uj-dbdh"},{"vulnerability":"VCID-7juj-78y7-g7b6"},{"vulnerability":"VCID-997v-f2ds-e3e4"},{"vulnerability":"VCID-9mdg-3961-cybf"},{"vulnerability":"VCID-jc1e-8tt4-xqdn"},{"vulnerability":"VCID-seds-dzew-jyfs"},{"vulnerability":"VCID-tsgr-5mwt-jkeh"},{"vulnerability":"VCID-v2ys-xbn5-guh4"},{"vulnerability":"VCID-zex4-9xyf-6yf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@0.1.1%252Bdfsg1-2%252Bdeb9u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1052232?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc2%2Bgit20161109.131.5137186-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3m4n-58pj-mkeb"},{"vulnerability":"VCID-3yvf-q4uj-dbdh"},{"vulnerability":"VCID-7juj-78y7-g7b6"},{"vulnerability":"VCID-997v-f2ds-e3e4"},{"vulnerability":"VCID-9mdg-3961-cybf"},{"vulnerability":"VCID-jc1e-8tt4-xqdn"},{"vulnerability":"VCID-seds-dzew-jyfs"},{"vulnerability":"VCID-tsgr-5mwt-jkeh"},{"vulnerability":"VCID-v2ys-xbn5-guh4"},{"vulnerability":"VCID-zex4-9xyf-6yf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc2%252Bgit20161109.131.5137186-2"},{"url":"http://public2.vulnerablecode.io/api/packages/1052233?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc6%2Bdfsg1-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3m4n-58pj-mkeb"},{"vulnerability":"VCID-3yvf-q4uj-dbdh"},{"vulnerability":"VCID-997v-f2ds-e3e4"},{"vulnerability":"VCID-9mdg-3961-cybf"},{"vulnerability":"VCID-jc1e-8tt4-xqdn"},{"vulnerability":"VCID-seds-dzew-jyfs"},{"vulnerability":"VCID-tsgr-5mwt-jkeh"},{"vulnerability":"VCID-v2ys-xbn5-guh4"},{"vulnerability":"VCID-zex4-9xyf-6yf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc6%252Bdfsg1-2"},{"url":"http://public2.vulnerablecode.io/api/packages/1052234?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc6%2Bdfsg1-3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3m4n-58pj-mkeb"},{"vulnerability":"VCID-3yvf-q4uj-dbdh"},{"vulnerability":"VCID-997v-f2ds-e3e4"},{"vulnerability":"VCID-9mdg-3961-cybf"},{"vulnerability":"VCID-jc1e-8tt4-xqdn"},{"vulnerability":"VCID-seds-dzew-jyfs"},{"vulnerability":"VCID-tsgr-5mwt-jkeh"},{"vulnerability":"VCID-v2ys-xbn5-guh4"},{"vulnerability":"VCID-zex4-9xyf-6yf1"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc6%252Bdfsg1-3"},{"url":"http://public2.vulnerablecode.io/api/packages/1052235?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3m4n-58pj-mkeb"},{"vulnerability":"VCID-3yvf-q4uj-dbdh"},{"vulnerability":"VCID-jc1e-8tt4-xqdn"},{"vulnerability":"VCID-seds-dzew-jyfs"},{"vulnerability":"VCID-tsgr-5mwt-jkeh"},{"vulnerability":"VCID-v2ys-xbn5-guh4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5"},{"url":"http://public2.vulnerablecode.io/api/packages/1052236?format=json","purl":"pkg:deb/debian/runc@1.0.0~rc93%2Bds1-5%2Bdeb11u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3yvf-q4uj-dbdh"},{"vulnerability":"VCID-jc1e-8tt4-xqdn"},{"vulnerability":"VCID-seds-dzew-jyfs"},{"vulnerability":"VCID-tsgr-5mwt-jkeh"},{"vulnerability":"VCID-v2ys-xbn5-guh4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/runc@1.0.0~rc93%252Bds1-5%252Bdeb11u2"},{"url":"http://public2.vulnerablecode.io/api/packages/96383?format=json","purl":"pkg:rpm/redhat/runc@4:1.1.9-1?arch=el9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-e44x-a9xm-6ke9"},{"vulnerability":"VCID-jc1e-8tt4-xqdn"},{"vulnerability":"VCID-seds-dzew-jyfs"},{"vulnerability":"VCID-v2ys-xbn5-guh4"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/runc@4:1.1.9-1%3Farch=el9"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28642.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-28642.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28642","reference_id":"","reference_type":"","scores":[{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01328","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01813","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01752","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.0175","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01739","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.0174","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01825","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01815","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01811","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01857","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01817","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01804","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01822","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01826","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01805","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01755","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01759","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01767","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01762","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-28642"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28642","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28642"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/opencontainers/runc","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/opencontainers/runc"},{"reference_url":"https://github.com/opencontainers/runc/pull/3785","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T16:02:47Z/"}],"url":"https://github.com/opencontainers/runc/pull/3785"},{"reference_url":"https://github.com/opencontainers/runc/security/advisories/GHSA-g2j6-57v7-gm8c","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-12T16:02:47Z/"}],"url":"https://github.com/opencontainers/runc/security/advisories/GHSA-g2j6-57v7-gm8c"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-28642","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2023-28642"},{"reference_url":"https://security.netapp.com/advisory/ntap-20241206-0005","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20241206-0005"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2182883","reference_id":"2182883","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2182883"},{"reference_url":"https://security.gentoo.org/glsa/202408-25","reference_id":"GLSA-202408-25","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202408-25"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1326","reference_id":"RHSA-2023:1326","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1326"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6380","reference_id":"RHSA-2023:6380","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6380"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6938","reference_id":"RHSA-2023:6938","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6938"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6939","reference_id":"RHSA-2023:6939","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6939"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0564","reference_id":"RHSA-2024:0564","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0564"},{"reference_url":"https://usn.ubuntu.com/6088-1/","reference_id":"USN-6088-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6088-1/"},{"reference_url":"https://usn.ubuntu.com/6088-2/","reference_id":"USN-6088-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6088-2/"}],"weaknesses":[{"cwe_id":281,"name":"Improper Preservation of Permissions","description":"The product does not preserve permissions or incorrectly preserves permissions when copying, restoring, or sharing objects, which can cause them to have less restrictive permissions than intended."},{"cwe_id":59,"name":"Improper Link Resolution Before File Access ('Link Following')","description":"The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource."},{"cwe_id":305,"name":"Authentication Bypass by Primary Weakness","description":"The authentication algorithm is sound, but the implemented mechanism can be bypassed as the result of a separate weakness that is primary to the authentication error."}],"exploits":[],"severity_range_score":"4.0 - 7.8","exploitability":"0.5","weighted_severity":"7.0","risk_score":3.5,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-seds-dzew-jyfs"}