Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/91343?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/91343?format=api", "vulnerability_id": "VCID-n4r3-ny4a-ykgw", "summary": "shim: RCE in http boot support may lead to Secure Boot bypass", "aliases": [ { "alias": "CVE-2023-40547" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/128831?format=api", "purl": "pkg:deb/debian/shim@15.8-1~deb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/shim@15.8-1~deb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/742976?format=api", "purl": "pkg:deb/debian/shim@15.8-1~deb11u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/shim@15.8-1~deb11u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/128829?format=api", "purl": "pkg:deb/debian/shim@15.8-1~deb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/shim@15.8-1~deb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/128833?format=api", "purl": "pkg:deb/debian/shim@15.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/shim@15.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/128834?format=api", "purl": "pkg:deb/debian/shim@16.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/shim@16.1-2%3Fdistro=trixie" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/742974?format=api", "purl": "pkg:deb/debian/shim@0.9%2B1474479173.6c180c6-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1576-m63j-zqe2" }, { "vulnerability": "VCID-8bkf-xpfw-5kat" }, { "vulnerability": "VCID-at69-62wn-hqa1" }, { "vulnerability": "VCID-n4r3-ny4a-ykgw" }, { "vulnerability": "VCID-nh6m-n7ym-6ygk" }, { "vulnerability": "VCID-nnvf-3jvk-tyd8" }, { "vulnerability": "VCID-s6mu-2smy-juh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/shim@0.9%252B1474479173.6c180c6-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/742975?format=api", "purl": "pkg:deb/debian/shim@15.4-7~deb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1576-m63j-zqe2" }, { "vulnerability": "VCID-8bkf-xpfw-5kat" }, { "vulnerability": "VCID-at69-62wn-hqa1" }, { "vulnerability": "VCID-n4r3-ny4a-ykgw" }, { "vulnerability": "VCID-nh6m-n7ym-6ygk" }, { "vulnerability": "VCID-nnvf-3jvk-tyd8" }, { "vulnerability": "VCID-s6mu-2smy-juh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/shim@15.4-7~deb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/113488?format=api", "purl": "pkg:rpm/redhat/shim@15.8-2?arch=el8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1576-m63j-zqe2" }, { "vulnerability": "VCID-8bkf-xpfw-5kat" }, { "vulnerability": "VCID-n4r3-ny4a-ykgw" }, { "vulnerability": "VCID-nh6m-n7ym-6ygk" }, { "vulnerability": "VCID-nnvf-3jvk-tyd8" }, { "vulnerability": "VCID-s6mu-2smy-juh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/shim@15.8-2%3Farch=el8" }, { "url": "http://public2.vulnerablecode.io/api/packages/113497?format=api", "purl": "pkg:rpm/redhat/shim@15.8-2?arch=el8_4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1576-m63j-zqe2" }, { "vulnerability": "VCID-8bkf-xpfw-5kat" }, { "vulnerability": "VCID-n4r3-ny4a-ykgw" }, { "vulnerability": "VCID-nh6m-n7ym-6ygk" }, { "vulnerability": "VCID-nnvf-3jvk-tyd8" }, { "vulnerability": "VCID-s6mu-2smy-juh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/shim@15.8-2%3Farch=el8_4" }, { "url": "http://public2.vulnerablecode.io/api/packages/113498?format=api", "purl": "pkg:rpm/redhat/shim@15.8-2?arch=el8_6", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1576-m63j-zqe2" }, { "vulnerability": "VCID-8bkf-xpfw-5kat" }, { "vulnerability": "VCID-n4r3-ny4a-ykgw" }, { "vulnerability": "VCID-nh6m-n7ym-6ygk" }, { "vulnerability": "VCID-nnvf-3jvk-tyd8" }, { "vulnerability": "VCID-s6mu-2smy-juh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/shim@15.8-2%3Farch=el8_6" }, { "url": "http://public2.vulnerablecode.io/api/packages/113499?format=api", "purl": "pkg:rpm/redhat/shim@15.8-2?arch=el8_2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1576-m63j-zqe2" }, { "vulnerability": "VCID-8bkf-xpfw-5kat" }, { "vulnerability": "VCID-n4r3-ny4a-ykgw" }, { "vulnerability": "VCID-nh6m-n7ym-6ygk" }, { "vulnerability": "VCID-nnvf-3jvk-tyd8" }, { "vulnerability": "VCID-s6mu-2smy-juh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/shim@15.8-2%3Farch=el8_2" }, { "url": "http://public2.vulnerablecode.io/api/packages/113491?format=api", "purl": "pkg:rpm/redhat/shim@15.8-3?arch=el9_2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1576-m63j-zqe2" }, { "vulnerability": "VCID-8bkf-xpfw-5kat" }, { "vulnerability": "VCID-n4r3-ny4a-ykgw" }, { "vulnerability": "VCID-nh6m-n7ym-6ygk" }, { "vulnerability": "VCID-nnvf-3jvk-tyd8" }, { "vulnerability": "VCID-s6mu-2smy-juh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/shim@15.8-3%3Farch=el9_2" }, { "url": "http://public2.vulnerablecode.io/api/packages/113494?format=api", "purl": "pkg:rpm/redhat/shim@15.8-3?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1576-m63j-zqe2" }, { "vulnerability": "VCID-8bkf-xpfw-5kat" }, { "vulnerability": "VCID-n4r3-ny4a-ykgw" }, { "vulnerability": "VCID-nh6m-n7ym-6ygk" }, { "vulnerability": "VCID-nnvf-3jvk-tyd8" }, { "vulnerability": "VCID-s6mu-2smy-juh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/shim@15.8-3%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/113496?format=api", "purl": "pkg:rpm/redhat/shim@15.8-3?arch=el9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1576-m63j-zqe2" }, { "vulnerability": "VCID-8bkf-xpfw-5kat" }, { "vulnerability": "VCID-n4r3-ny4a-ykgw" }, { "vulnerability": "VCID-nh6m-n7ym-6ygk" }, { "vulnerability": "VCID-nnvf-3jvk-tyd8" }, { "vulnerability": "VCID-s6mu-2smy-juh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/shim@15.8-3%3Farch=el9" }, { "url": "http://public2.vulnerablecode.io/api/packages/113489?format=api", "purl": "pkg:rpm/redhat/shim@15.8-4?arch=el9_3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1576-m63j-zqe2" }, { "vulnerability": "VCID-8bkf-xpfw-5kat" }, { "vulnerability": "VCID-n4r3-ny4a-ykgw" }, { "vulnerability": "VCID-nh6m-n7ym-6ygk" }, { "vulnerability": "VCID-nnvf-3jvk-tyd8" }, { "vulnerability": "VCID-s6mu-2smy-juh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/shim@15.8-4%3Farch=el9_3" }, { "url": "http://public2.vulnerablecode.io/api/packages/113490?format=api", "purl": "pkg:rpm/redhat/shim@15.8-4?arch=el8_9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1576-m63j-zqe2" }, { "vulnerability": "VCID-8bkf-xpfw-5kat" }, { "vulnerability": "VCID-n4r3-ny4a-ykgw" }, { "vulnerability": "VCID-nh6m-n7ym-6ygk" }, { "vulnerability": "VCID-nnvf-3jvk-tyd8" }, { "vulnerability": "VCID-s6mu-2smy-juh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/shim@15.8-4%3Farch=el8_9" }, { "url": "http://public2.vulnerablecode.io/api/packages/113500?format=api", "purl": "pkg:rpm/redhat/shim-signed@15.8-1?arch=el7", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1576-m63j-zqe2" }, { "vulnerability": "VCID-8bkf-xpfw-5kat" }, { "vulnerability": "VCID-n4r3-ny4a-ykgw" }, { "vulnerability": "VCID-nh6m-n7ym-6ygk" }, { "vulnerability": "VCID-nnvf-3jvk-tyd8" }, { "vulnerability": "VCID-s6mu-2smy-juh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/shim-signed@15.8-1%3Farch=el7" }, { "url": "http://public2.vulnerablecode.io/api/packages/113495?format=api", "purl": "pkg:rpm/redhat/shim-unsigned-aarch64@15.8-2?arch=el9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1576-m63j-zqe2" }, { "vulnerability": "VCID-8bkf-xpfw-5kat" }, { "vulnerability": "VCID-n4r3-ny4a-ykgw" }, { "vulnerability": "VCID-nh6m-n7ym-6ygk" }, { "vulnerability": "VCID-nnvf-3jvk-tyd8" }, { "vulnerability": "VCID-s6mu-2smy-juh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/shim-unsigned-aarch64@15.8-2%3Farch=el9" }, { "url": "http://public2.vulnerablecode.io/api/packages/113492?format=api", "purl": "pkg:rpm/redhat/shim-unsigned-x64@15.8-2?arch=el8", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1576-m63j-zqe2" }, { "vulnerability": "VCID-8bkf-xpfw-5kat" }, { "vulnerability": "VCID-n4r3-ny4a-ykgw" }, { "vulnerability": "VCID-nh6m-n7ym-6ygk" }, { "vulnerability": "VCID-nnvf-3jvk-tyd8" }, { "vulnerability": "VCID-s6mu-2smy-juh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/shim-unsigned-x64@15.8-2%3Farch=el8" }, { "url": "http://public2.vulnerablecode.io/api/packages/113493?format=api", "purl": "pkg:rpm/redhat/shim-unsigned-x64@15.8-2?arch=el9", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1576-m63j-zqe2" }, { "vulnerability": "VCID-8bkf-xpfw-5kat" }, { "vulnerability": "VCID-n4r3-ny4a-ykgw" }, { "vulnerability": "VCID-nh6m-n7ym-6ygk" }, { "vulnerability": "VCID-nnvf-3jvk-tyd8" }, { "vulnerability": "VCID-s6mu-2smy-juh6" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/shim-unsigned-x64@15.8-2%3Farch=el9" } ], "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40547.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40547.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-40547", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03784", "scoring_system": "epss", "scoring_elements": "0.88294", "published_at": "2026-06-08T12:55:00Z" }, { "value": "0.03784", "scoring_system": "epss", "scoring_elements": "0.88293", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.03784", "scoring_system": "epss", "scoring_elements": "0.88309", "published_at": "2026-06-09T12:55:00Z" }, { "value": "0.03784", "scoring_system": "epss", "scoring_elements": "0.88291", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-40547" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40547", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40547" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061519", "reference_id": "1061519", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061519" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234589", "reference_id": "2234589", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-13T05:00:44Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2234589" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::crb", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb", "reference_id": "cpe:/a:redhat:rhel_eus:9.0::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client", "reference_id": "cpe:/o:redhat:enterprise_linux:7::client", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server", "reference_id": "cpe:/o:redhat:enterprise_linux:7::server", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation", "reference_id": "cpe:/o:redhat:enterprise_linux:7::workstation", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos", "reference_id": "cpe:/o:redhat:enterprise_linux:9::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_aus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.2::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_e4s:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_e4s:8.4::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:8.6::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.6::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:8.8::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:8.8::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.0::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.0::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.0::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos", "reference_id": "cpe:/o:redhat:rhel_eus:9.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_eus:9.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.2::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.2::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.2::baseos" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.4::baseos", "reference_id": "cpe:/o:redhat:rhel_tus:8.4::baseos", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_tus:8.4::baseos" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-40547", "reference_id": "CVE-2023-40547", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-13T05:00:44Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-40547" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1834", "reference_id": "RHSA-2024:1834", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-13T05:00:44Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:1834" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1835", "reference_id": "RHSA-2024:1835", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-13T05:00:44Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:1835" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1873", "reference_id": "RHSA-2024:1873", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-13T05:00:44Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:1873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1876", "reference_id": "RHSA-2024:1876", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-13T05:00:44Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:1876" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1883", "reference_id": "RHSA-2024:1883", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-13T05:00:44Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:1883" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1902", "reference_id": "RHSA-2024:1902", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-13T05:00:44Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:1902" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1903", "reference_id": "RHSA-2024:1903", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-13T05:00:44Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:1903" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1959", "reference_id": "RHSA-2024:1959", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-13T05:00:44Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:1959" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2086", "reference_id": "RHSA-2024:2086", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-13T05:00:44Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2086" } ], "weaknesses": [ { "cwe_id": 346, "name": "Origin Validation Error", "description": "The product does not properly verify that the source of data or communication is valid." }, { "cwe_id": 787, "name": "Out-of-bounds Write", "description": "The product writes data past the end, or before the beginning, of the intended buffer." } ], "exploits": [], "severity_range_score": "7.1 - 8.3", "exploitability": "0.5", "weighted_severity": "7.5", "risk_score": 3.8, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n4r3-ny4a-ykgw" }