VulnerableCode Vulnerability Details

Search for vulnerabilities

Vulnerability details: VCID-9tzb-1ct4-aaas

Essentials
Severities (110)
References (22)
Severity details (22)
Exploits (0)
EPSS
History (0)

Vulnerability ID	VCID-9tzb-1ct4-aaas
Aliases	CVE-2023-39323
Summary	Line directives ("//line") can be used to bypass the restrictions on "//go:cgo_" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running "go build". The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex.
Status	Published
Exploitability	0.5
Weighted Severity	7.3
Risk	3.6
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-94

Improper Control of Generation of Code ('Code Injection')

System	Score	Found at
cvssv3	8.1	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39323.json
epss	0.0006	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.0006	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.0006	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.0006	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.0006	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.0006	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.0006	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.0006	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.0006	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.0006	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.0006	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.0006	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.0006	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00066	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00066	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00066	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00066	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00076	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00281	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00281	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00281	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00322	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00339	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00375	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00375	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00375	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00375	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00375	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00375	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00375	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00375	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00375	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00375	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.00375	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.04409	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.04409	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.04409	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.04409	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.04409	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.04409	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.04409	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.04409	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.04409	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.04409	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.04409	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.04409	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.04409	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
epss	0.142	https://api.first.org/data/v1/epss?cve=CVE-2023-39323
cvssv3.1	7.8	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	8.1	https://go.dev/cl/533215
ssvc	Track	https://go.dev/cl/533215
cvssv3.1	8.1	https://go.dev/issue/63211
ssvc	Track	https://go.dev/issue/63211
cvssv3.1	8.1	https://groups.google.com/g/golang-announce/c/XBa1oHDevAo
ssvc	Track	https://groups.google.com/g/golang-announce/c/XBa1oHDevAo
cvssv3.1	8.1	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/
ssvc	Track	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/
cvssv3.1	8.1	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/
ssvc	Track	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/
cvssv3.1	8.1	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/
ssvc	Track	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/
cvssv3	8.1	https://nvd.nist.gov/vuln/detail/CVE-2023-39323
cvssv3.1	8.1	https://nvd.nist.gov/vuln/detail/CVE-2023-39323
cvssv3.1	8.1	https://pkg.go.dev/vuln/GO-2023-2095
ssvc	Track	https://pkg.go.dev/vuln/GO-2023-2095
cvssv3.1	8.1	https://security.gentoo.org/glsa/202311-09
ssvc	Track	https://security.gentoo.org/glsa/202311-09
cvssv3.1	8.1	https://security.netapp.com/advisory/ntap-20231020-0001/
ssvc	Track	https://security.netapp.com/advisory/ntap-20231020-0001/

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39323.json
		https://api.first.org/data/v1/epss?cve=CVE-2023-39323
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39323
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
		https://go.dev/cl/533215
		https://go.dev/issue/63211
		https://groups.google.com/g/golang-announce/c/XBa1oHDevAo
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/
		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/
		https://pkg.go.dev/vuln/GO-2023-2095
		https://security.netapp.com/advisory/ntap-20231020-0001/
2242544		https://bugzilla.redhat.com/show_bug.cgi?id=2242544
cpe:2.3:a:golang:go::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:golang:go::::::::
cpe:2.3:o:fedoraproject:fedora:37:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:37:::::::*
cpe:2.3:o:fedoraproject:fedora:38:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:38:::::::*
cpe:2.3:o:fedoraproject:fedora:39:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:39:::::::*
CVE-2023-39323		https://nvd.nist.gov/vuln/detail/CVE-2023-39323
GLSA-202311-09		https://security.gentoo.org/glsa/202311-09
USN-6574-1		https://usn.ubuntu.com/6574-1/
USN-7109-1		https://usn.ubuntu.com/7109-1/
USN-7111-1		https://usn.ubuntu.com/7111-1/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-39323.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://go.dev/cl/533215

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-12T15:14:25Z/ Found at https://go.dev/cl/533215

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://go.dev/issue/63211

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-12T15:14:25Z/ Found at https://go.dev/issue/63211

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://groups.google.com/g/golang-announce/c/XBa1oHDevAo

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-12T15:14:25Z/ Found at https://groups.google.com/g/golang-announce/c/XBa1oHDevAo

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-12T15:14:25Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-39323

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2023-39323

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://pkg.go.dev/vuln/GO-2023-2095

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-12T15:14:25Z/ Found at https://pkg.go.dev/vuln/GO-2023-2095

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://security.gentoo.org/glsa/202311-09

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-12T15:14:25Z/ Found at https://security.gentoo.org/glsa/202311-09

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://security.netapp.com/advisory/ntap-20231020-0001/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-06-12T15:14:25Z/ Found at https://security.netapp.com/advisory/ntap-20231020-0001/

Exploit Prediction Scoring System (EPSS)

Percentile	0.19057
EPSS Score	0.0006
Published At	June 3, 2025, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.