Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-t4w3-vj56-4fcq

Summary sssd: Race condition during authorization leads to GPO policies functioning inconsistently

Aliases

alias	CVE-2023-3758

Fixed_packages

url pkg:deb/debian/sssd@2.4.1-2?distro=trixie

purl pkg:deb/debian/sssd@2.4.1-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ztj4-pvvh-wuay

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@2.4.1-2%3Fdistro=trixie

url	pkg:deb/debian/sssd@2.4.1-2%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/sssd@2.4.1-2%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@2.4.1-2%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/sssd@2.8.2-4%2Bdeb12u1

purl pkg:deb/debian/sssd@2.8.2-4%2Bdeb12u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ztj4-pvvh-wuay

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@2.8.2-4%252Bdeb12u1

url pkg:deb/debian/sssd@2.8.2-4%2Bdeb12u1?distro=trixie

purl pkg:deb/debian/sssd@2.8.2-4%2Bdeb12u1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ztj4-pvvh-wuay

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@2.8.2-4%252Bdeb12u1%3Fdistro=trixie

url	pkg:deb/debian/sssd@2.9.5-1?distro=trixie
purl	pkg:deb/debian/sssd@2.9.5-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@2.9.5-1%3Fdistro=trixie

url pkg:deb/debian/sssd@2.10.1-2?distro=trixie

purl pkg:deb/debian/sssd@2.10.1-2?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ztj4-pvvh-wuay

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@2.10.1-2%3Fdistro=trixie

url	pkg:deb/debian/sssd@2.12.0-4?distro=trixie
purl	pkg:deb/debian/sssd@2.12.0-4?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@2.12.0-4%3Fdistro=trixie

Affected_packages

url pkg:deb/debian/sssd@1.2.1-4%2Bsqueeze1

purl pkg:deb/debian/sssd@1.2.1-4%2Bsqueeze1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3sh2-437b-ayfj

vulnerability	VCID-5hxw-dnz2-v7by

vulnerability	VCID-bveu-ff3p-gfh7

vulnerability	VCID-d4ke-65rx-13ac

vulnerability	VCID-f5pv-qsd2-gkda

vulnerability	VCID-jhrd-1f8g-6ueh

vulnerability	VCID-kb5t-88br-5yh8

vulnerability	VCID-r1m1-kp4g-pbc7

vulnerability	VCID-t4w3-vj56-4fcq

vulnerability	VCID-t5gr-yesx-hqah

vulnerability	VCID-xpwr-fzex-m7fa

vulnerability	VCID-yn22-35eg-1khb

vulnerability	VCID-zee4-1xpd-27bc

vulnerability	VCID-zz4w-9935-q3gc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@1.2.1-4%252Bsqueeze1

url pkg:deb/debian/sssd@1.8.4-2

purl pkg:deb/debian/sssd@1.8.4-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5hxw-dnz2-v7by

vulnerability	VCID-bveu-ff3p-gfh7

vulnerability	VCID-d4ke-65rx-13ac

vulnerability	VCID-jhrd-1f8g-6ueh

vulnerability	VCID-r1m1-kp4g-pbc7

vulnerability	VCID-t4w3-vj56-4fcq

vulnerability	VCID-t5gr-yesx-hqah

vulnerability	VCID-xpwr-fzex-m7fa

vulnerability	VCID-yn22-35eg-1khb

vulnerability	VCID-zee4-1xpd-27bc

vulnerability	VCID-zz4w-9935-q3gc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@1.8.4-2

url pkg:deb/debian/sssd@1.11.7-3

purl pkg:deb/debian/sssd@1.11.7-3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5hxw-dnz2-v7by

vulnerability	VCID-bveu-ff3p-gfh7

vulnerability	VCID-jhrd-1f8g-6ueh

vulnerability	VCID-r1m1-kp4g-pbc7

vulnerability	VCID-t4w3-vj56-4fcq

vulnerability	VCID-t5gr-yesx-hqah

vulnerability	VCID-yn22-35eg-1khb

vulnerability	VCID-zee4-1xpd-27bc

vulnerability	VCID-zz4w-9935-q3gc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@1.11.7-3

url pkg:deb/debian/sssd@1.11.7.3-3~bpo70%2B1

purl pkg:deb/debian/sssd@1.11.7.3-3~bpo70%2B1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5hxw-dnz2-v7by

vulnerability	VCID-bveu-ff3p-gfh7

vulnerability	VCID-jhrd-1f8g-6ueh

vulnerability	VCID-r1m1-kp4g-pbc7

vulnerability	VCID-t4w3-vj56-4fcq

vulnerability	VCID-t5gr-yesx-hqah

vulnerability	VCID-yn22-35eg-1khb

vulnerability	VCID-zee4-1xpd-27bc

vulnerability	VCID-zz4w-9935-q3gc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@1.11.7.3-3~bpo70%252B1

url pkg:deb/debian/sssd@1.15.0-3%2Bdeb9u1

purl pkg:deb/debian/sssd@1.15.0-3%2Bdeb9u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5hxw-dnz2-v7by

vulnerability	VCID-bveu-ff3p-gfh7

vulnerability	VCID-jhrd-1f8g-6ueh

vulnerability	VCID-r1m1-kp4g-pbc7

vulnerability	VCID-t4w3-vj56-4fcq

vulnerability	VCID-t5gr-yesx-hqah

vulnerability	VCID-yn22-35eg-1khb

vulnerability	VCID-zee4-1xpd-27bc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@1.15.0-3%252Bdeb9u1

url pkg:deb/debian/sssd@1.16.3-3.2

purl pkg:deb/debian/sssd@1.16.3-3.2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5hxw-dnz2-v7by

vulnerability	VCID-r1m1-kp4g-pbc7

vulnerability	VCID-t4w3-vj56-4fcq

vulnerability	VCID-t5gr-yesx-hqah

vulnerability	VCID-yn22-35eg-1khb

vulnerability	VCID-zee4-1xpd-27bc

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@1.16.3-3.2

url pkg:deb/debian/sssd@2.4.1-2

purl pkg:deb/debian/sssd@2.4.1-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-r1m1-kp4g-pbc7

vulnerability	VCID-t4w3-vj56-4fcq

vulnerability	VCID-ztj4-pvvh-wuay

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/sssd@2.4.1-2

url pkg:rpm/redhat/sssd@2.6.2-4.el8_6?arch=3

purl pkg:rpm/redhat/sssd@2.6.2-4.el8_6?arch=3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-t4w3-vj56-4fcq

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/sssd@2.6.2-4.el8_6%3Farch=3

url pkg:rpm/redhat/sssd@2.6.2-4.el9_0?arch=3

purl pkg:rpm/redhat/sssd@2.6.2-4.el9_0?arch=3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-t4w3-vj56-4fcq

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/sssd@2.6.2-4.el9_0%3Farch=3

url pkg:rpm/redhat/sssd@2.8.2-4.el8_8?arch=2

purl pkg:rpm/redhat/sssd@2.8.2-4.el8_8?arch=2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-t4w3-vj56-4fcq

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/sssd@2.8.2-4.el8_8%3Farch=2

url pkg:rpm/redhat/sssd@2.8.2-5.el9_2?arch=4

purl pkg:rpm/redhat/sssd@2.8.2-5.el9_2?arch=4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-t4w3-vj56-4fcq

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/sssd@2.8.2-5.el9_2%3Farch=4

url pkg:rpm/redhat/sssd@2.9.4-3?arch=el8_10

purl pkg:rpm/redhat/sssd@2.9.4-3?arch=el8_10

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-t4w3-vj56-4fcq

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/sssd@2.9.4-3%3Farch=el8_10

url pkg:rpm/redhat/sssd@2.9.4-6?arch=el9_4

purl pkg:rpm/redhat/sssd@2.9.4-6?arch=el9_4

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-t4w3-vj56-4fcq

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/sssd@2.9.4-6%3Farch=el9_4

References

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3758.json

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3758.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-3758

reference_id

reference_type

scores

value	0.00029
scoring_system	epss
scoring_elements	0.08285
published_at	2026-05-14T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08118
published_at	2026-04-24T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08081
published_at	2026-04-26T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08053
published_at	2026-04-29T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08023
published_at	2026-05-05T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08154
published_at	2026-05-07T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.0822
published_at	2026-05-09T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08203
published_at	2026-05-11T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.0823
published_at	2026-05-12T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08135
published_at	2026-04-08T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08157
published_at	2026-04-09T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08149
published_at	2026-04-11T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.0813
published_at	2026-04-12T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08113
published_at	2026-04-13T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.0802
published_at	2026-04-16T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08004
published_at	2026-04-18T12:55:00Z

value	0.00029
scoring_system	epss
scoring_elements	0.08161
published_at	2026-04-21T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11739
published_at	2026-04-04T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11696
published_at	2026-04-02T12:55:00Z

value	0.00039
scoring_system	epss
scoring_elements	0.11524
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-3758

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3758
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3758

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070369
reference_id	1070369
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070369

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2223762

reference_id

2223762

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T16:31:24Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2223762

reference_url

https://github.com/SSSD/sssd/pull/7302

reference_id

7302

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T16:31:24Z/

url

https://github.com/SSSD/sssd/pull/7302

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream
reference_id	cpe:/a:redhat:enterprise_linux:8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb
reference_id	cpe:/a:redhat:enterprise_linux:8::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
reference_id	cpe:/a:redhat:enterprise_linux:9::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb
reference_id	cpe:/a:redhat:enterprise_linux:9::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb
reference_id	cpe:/a:redhat:rhel_eus:8.6::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream
reference_id	cpe:/a:redhat:rhel_eus:8.8::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::crb
reference_id	cpe:/a:redhat:rhel_eus:8.8::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb
reference_id	cpe:/a:redhat:rhel_eus:9.0::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream
reference_id	cpe:/a:redhat:rhel_eus:9.2::appstream
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::crb
reference_id	cpe:/a:redhat:rhel_eus:9.2::crb
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::crb

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6
reference_id	cpe:/o:redhat:enterprise_linux:6
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
reference_id	cpe:/o:redhat:enterprise_linux:7
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos
reference_id	cpe:/o:redhat:enterprise_linux:8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
reference_id	cpe:/o:redhat:enterprise_linux:9::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos
reference_id	cpe:/o:redhat:rhel_eus:8.6::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos
reference_id	cpe:/o:redhat:rhel_eus:8.8::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.0::baseos
reference_id	cpe:/o:redhat:rhel_eus:9.0::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.0::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos
reference_id	cpe:/o:redhat:rhel_eus:9.2::baseos
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhev_hypervisor:4.4::el8
reference_id	cpe:/o:redhat:rhev_hypervisor:4.4::el8
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhev_hypervisor:4.4::el8

reference_url

https://access.redhat.com/security/cve/CVE-2023-3758

reference_id

CVE-2023-3758

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T16:31:24Z/

url

https://access.redhat.com/security/cve/CVE-2023-3758

reference_url

https://access.redhat.com/errata/RHSA-2024:1919

reference_id

RHSA-2024:1919

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T16:31:24Z/

url

https://access.redhat.com/errata/RHSA-2024:1919

reference_url

https://access.redhat.com/errata/RHSA-2024:1920

reference_id

RHSA-2024:1920

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T16:31:24Z/

url

https://access.redhat.com/errata/RHSA-2024:1920

reference_url

https://access.redhat.com/errata/RHSA-2024:1921

reference_id

RHSA-2024:1921

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T16:31:24Z/

url

https://access.redhat.com/errata/RHSA-2024:1921

reference_url

https://access.redhat.com/errata/RHSA-2024:1922

reference_id

RHSA-2024:1922

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T16:31:24Z/

url

https://access.redhat.com/errata/RHSA-2024:1922

reference_url

https://access.redhat.com/errata/RHSA-2024:2571

reference_id

RHSA-2024:2571

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T16:31:24Z/

url

https://access.redhat.com/errata/RHSA-2024:2571

reference_url

https://access.redhat.com/errata/RHSA-2024:3270

reference_id

RHSA-2024:3270

reference_type

scores

value	7.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-06T16:31:24Z/

url

https://access.redhat.com/errata/RHSA-2024:3270

reference_url	https://usn.ubuntu.com/6836-1/
reference_id	USN-6836-1
reference_type
scores
url	https://usn.ubuntu.com/6836-1/

Weaknesses

cwe_id	362
name	Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
description	The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.

Exploits

Severity_range_score 7.1 - 7.1

Exploitability 0.5

Weighted_severity 6.4

Risk_score 3.2

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t4w3-vj56-4fcq

Vulnerability Instance