[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2024-9676":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T20:55:29.923Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":40,"aliases":41,"duplicate_of":9,"upstream":42,"downstream":43,"duplicates":96,"related":97,"reserved_at":9,"published_at":109,"modified_at":110,"state":111,"summary":112,"references_raw":121,"kevs":212,"epss":213,"epss_history":216,"metrics":473,"affected":481},"CVE-2024-9676","A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-22","Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.","weakness","Stable","Base","High",[20,24,28,32,36],{"id":21,"name":22,"techniques":23},"CAPEC-126","Path Traversal",[],{"id":25,"name":26,"techniques":27},"CAPEC-64","Using Slashes and URL Encoding Combined to Bypass Validation Logic",[],{"id":29,"name":30,"techniques":31},"CAPEC-76","Manipulating Web Input to File System Calls",[],{"id":33,"name":34,"techniques":35},"CAPEC-78","Using Escaped Slashes in Alternate Encoding",[],{"id":37,"name":38,"techniques":39},"CAPEC-79","Using Slashes in Alternate Encoding",[],[],[],[],[44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94],{"_key":45},"SUSE-SU-2024:3988-1",{"_key":47},"SUSE-SU-2024:4303-1",{"_key":49},"SUSE-SU-2025:0267-1",{"_key":51},"SUSE-SU-2025:0775-1",{"_key":53},"SUSE-SU-2024:3753-1",{"_key":55},"SUSE-SU-2024:3754-1",{"_key":57},"OPENSUSE-SU-2024:14418-1",{"_key":59},"OPENSUSE-SU-2024:14420-1",{"_key":61},"OPENSUSE-SU-2024:14562-1",{"_key":63},"SUSE-SU-2025:20080-1",{"_key":65},"SUSE-SU-2025:20085-1",{"_key":67},"UBUNTU-CVE-2024-9676",{"_key":69},"DEBIAN-CVE-2024-9676",{"_key":71},"RHSA-2024:10289",{"_key":73},"RHSA-2024:8437",{"_key":75},"RHSA-2024:8686",{"_key":77},"RHSA-2024:8984",{"_key":79},"RHSA-2024:9051",{"_key":81},"RHSA-2024:9926",{"_key":83},"RHSA-2024:8428",{"_key":85},"RHSA-2024:8690",{"_key":87},"RHSA-2024:8694",{"_key":89},"RHSA-2024:8700",{"_key":91},"RHSA-2024:9454",{"_key":93},"RHSA-2024:9459",{"_key":95},"RHSA-2024:8418",[],[98,99,100,101,102,103,104,105,106,107,108],{"_key":45},{"_key":47},{"_key":49},{"_key":51},{"_key":53},{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},"2024-10-15T15:27:33.665Z","2026-04-24T15:07:44.878Z","Modified",{"cisa_kev":113,"cisa_ransomware":113,"cisa_vendor":9,"epss_severity":114,"epss_score":115,"severity":116,"severity_score":117,"severity_version":118,"severity_source":119,"severity_vector":120,"severity_status":111},false,"low",0.01561,"medium",6.5,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",[122,129,133,137,141,145,149,153,157,161,165,169,173,177,181,185,189,193,198,203,208],{"url":123,"sources":124,"tags":126},"https://access.redhat.com/errata/RHSA-2024:10289",[119,125],"nvd",[127,128],"Vendor Advisory","X Refsource REDHAT",{"url":130,"sources":131,"tags":132},"https://access.redhat.com/errata/RHSA-2024:8418",[119,125],[127,128],{"url":134,"sources":135,"tags":136},"https://access.redhat.com/errata/RHSA-2024:8428",[119,125],[127,128],{"url":138,"sources":139,"tags":140},"https://access.redhat.com/errata/RHSA-2024:8437",[119,125],[127,128],{"url":142,"sources":143,"tags":144},"https://access.redhat.com/errata/RHSA-2024:8686",[119,125],[127,128],{"url":146,"sources":147,"tags":148},"https://access.redhat.com/errata/RHSA-2024:8690",[119,125],[127,128],{"url":150,"sources":151,"tags":152},"https://access.redhat.com/errata/RHSA-2024:8694",[119,125],[127,128],{"url":154,"sources":155,"tags":156},"https://access.redhat.com/errata/RHSA-2024:8700",[119,125],[127,128],{"url":158,"sources":159,"tags":160},"https://access.redhat.com/errata/RHSA-2024:8984",[119,125],[127,128],{"url":162,"sources":163,"tags":164},"https://access.redhat.com/errata/RHSA-2024:9051",[119,125],[127,128],{"url":166,"sources":167,"tags":168},"https://access.redhat.com/errata/RHSA-2024:9454",[119,125],[127,128],{"url":170,"sources":171,"tags":172},"https://access.redhat.com/errata/RHSA-2024:9459",[119,125],[127,128],{"url":174,"sources":175,"tags":176},"https://access.redhat.com/errata/RHSA-2024:9926",[119,125],[127,128],{"url":178,"sources":179,"tags":180},"https://access.redhat.com/errata/RHSA-2025:0876",[119,125],[127,128],{"url":182,"sources":183,"tags":184},"https://access.redhat.com/errata/RHSA-2025:2454",[119,125],[127,128],{"url":186,"sources":187,"tags":188},"https://access.redhat.com/errata/RHSA-2025:2710",[119,125],[127,128],{"url":190,"sources":191,"tags":192},"https://access.redhat.com/errata/RHSA-2025:3301",[119,125],[127,128],{"url":194,"sources":195,"tags":196},"https://access.redhat.com/security/cve/CVE-2024-9676",[119,125],[197,128,127],"VDB Entry",{"url":199,"sources":200,"tags":201},"https://bugzilla.redhat.com/show_bug.cgi?id=2317467",[119,125],[202,128],"Issue Tracking",{"url":204,"sources":205,"tags":206},"https://github.com/advisories/GHSA-wq2p-5pc6-wpgf",[119,125],[207],"Third Party Advisory",{"url":209,"sources":210,"tags":211},"https://github.com/containers/storage/commit/935c58f4b3e364a9c9d33ed06476a831e6ad5679",[119,125],[],[],{"date":214,"score":115,"percentile":215},"2026-06-04",0.81812,[217,221,224,227,230,233,236,239,241,244,247,250,253,256,259,263,266,269,271,273,277,280,283,286,289,292,295,298,301,304,306,308,310,313,316,319,322,325,328,331,333,336,338,341,344,347,350,353,356,359,361,364,367,370,373,376,378,381,384,387,390,393,396,399,401,403,406,409,411,414,416,419,421,424,427,430,433,436,439,441,444,447,450,453,456,459,462,465,467,470],{"date":218,"score":219,"percentile":220},"2025-11-04",0.02669,0.85268,{"date":222,"score":219,"percentile":223},"2025-11-05",0.85272,{"date":225,"score":219,"percentile":226},"2025-11-06",0.85274,{"date":228,"score":219,"percentile":229},"2025-11-07",0.85281,{"date":231,"score":219,"percentile":232},"2025-11-08",0.85285,{"date":234,"score":219,"percentile":235},"2025-11-09",0.8528,{"date":237,"score":219,"percentile":238},"2025-11-10",0.85275,{"date":240,"score":219,"percentile":235},"2025-11-11",{"date":242,"score":219,"percentile":243},"2025-11-12",0.85291,{"date":245,"score":219,"percentile":246},"2025-11-13",0.85298,{"date":248,"score":219,"percentile":249},"2025-11-14",0.853,{"date":251,"score":219,"percentile":252},"2025-11-15",0.85294,{"date":254,"score":219,"percentile":255},"2025-11-16",0.85292,{"date":257,"score":219,"percentile":258},"2025-11-17",0.85278,{"date":260,"score":261,"percentile":262},"2025-11-18",0.03962,0.87229,{"date":264,"score":261,"percentile":265},"2025-11-19",0.87233,{"date":267,"score":261,"percentile":268},"2025-11-20",0.87238,{"date":270,"score":219,"percentile":252},"2025-11-21",{"date":272,"score":219,"percentile":243},"2025-11-22",{"date":274,"score":275,"percentile":276},"2025-11-23",0.01331,0.79355,{"date":278,"score":275,"percentile":279},"2025-11-24",0.79354,{"date":281,"score":275,"percentile":282},"2025-11-25",0.79357,{"date":284,"score":275,"percentile":285},"2025-11-26",0.79358,{"date":287,"score":275,"percentile":288},"2025-11-27",0.7936,{"date":290,"score":275,"percentile":291},"2025-11-28",0.79352,{"date":293,"score":275,"percentile":294},"2025-11-29",0.79359,{"date":296,"score":275,"percentile":297},"2025-11-30",0.79356,{"date":299,"score":275,"percentile":300},"2025-12-01",0.79451,{"date":302,"score":275,"percentile":303},"2025-12-02",0.79452,{"date":305,"score":275,"percentile":303},"2025-12-03",{"date":307,"score":275,"percentile":282},"2025-12-04",{"date":309,"score":275,"percentile":288},"2025-12-05",{"date":311,"score":275,"percentile":312},"2025-12-06",0.79362,{"date":314,"score":275,"percentile":315},"2025-12-07",0.79363,{"date":317,"score":275,"percentile":318},"2025-12-08",0.79367,{"date":320,"score":275,"percentile":321},"2025-12-09",0.79385,{"date":323,"score":275,"percentile":324},"2025-12-10",0.79409,{"date":326,"score":275,"percentile":327},"2025-12-11",0.79423,{"date":329,"score":275,"percentile":330},"2025-12-12",0.79441,{"date":332,"score":275,"percentile":330},"2025-12-13",{"date":334,"score":275,"percentile":335},"2025-12-14",0.79439,{"date":337,"score":275,"percentile":335},"2025-12-15",{"date":339,"score":275,"percentile":340},"2025-12-16",0.79448,{"date":342,"score":275,"percentile":343},"2025-12-17",0.79458,{"date":345,"score":275,"percentile":346},"2025-12-18",0.79477,{"date":348,"score":275,"percentile":349},"2025-12-19",0.79487,{"date":351,"score":275,"percentile":352},"2025-12-20",0.79483,{"date":354,"score":275,"percentile":355},"2025-12-21",0.79475,{"date":357,"score":275,"percentile":358},"2025-12-22",0.79476,{"date":360,"score":275,"percentile":355},"2025-12-23",{"date":362,"score":275,"percentile":363},"2025-12-24",0.7949,{"date":365,"score":275,"percentile":366},"2025-12-25",0.7951,{"date":368,"score":275,"percentile":369},"2025-12-26",0.79505,{"date":371,"score":275,"percentile":372},"2025-12-27",0.79551,{"date":374,"score":275,"percentile":375},"2025-12-28",0.79494,{"date":377,"score":275,"percentile":363},"2025-12-29",{"date":379,"score":275,"percentile":380},"2025-12-30",0.79496,{"date":382,"score":275,"percentile":383},"2025-12-31",0.79511,{"date":385,"score":275,"percentile":386},"2026-01-01",0.79604,{"date":388,"score":275,"percentile":389},"2026-01-02",0.79602,{"date":391,"score":275,"percentile":392},"2026-01-03",0.79601,{"date":394,"score":275,"percentile":395},"2026-01-04",0.79504,{"date":397,"score":275,"percentile":398},"2026-01-05",0.79501,{"date":400,"score":275,"percentile":395},"2026-01-06",{"date":402,"score":275,"percentile":366},"2026-01-07",{"date":404,"score":275,"percentile":405},"2026-01-08",0.79519,{"date":407,"score":275,"percentile":408},"2026-01-09",0.79521,{"date":410,"score":275,"percentile":408},"2026-01-10",{"date":412,"score":275,"percentile":413},"2026-01-11",0.79515,{"date":415,"score":275,"percentile":398},"2026-01-12",{"date":417,"score":275,"percentile":418},"2026-01-13",0.79498,{"date":420,"score":275,"percentile":405},"2026-01-14",{"date":422,"score":275,"percentile":423},"2026-01-15",0.79522,{"date":425,"score":275,"percentile":426},"2026-01-16",0.79531,{"date":428,"score":275,"percentile":429},"2026-01-17",0.79539,{"date":431,"score":275,"percentile":432},"2026-01-18",0.79533,{"date":434,"score":275,"percentile":435},"2026-01-19",0.79525,{"date":437,"score":275,"percentile":438},"2026-01-20",0.79526,{"date":440,"score":275,"percentile":432},"2026-01-21",{"date":442,"score":275,"percentile":443},"2026-01-22",0.79544,{"date":445,"score":275,"percentile":446},"2026-01-23",0.79573,{"date":448,"score":275,"percentile":449},"2026-01-24",0.79586,{"date":451,"score":275,"percentile":452},"2026-01-25",0.79577,{"date":454,"score":275,"percentile":455},"2026-01-26",0.79575,{"date":457,"score":275,"percentile":458},"2026-01-27",0.79571,{"date":460,"score":275,"percentile":461},"2026-01-28",0.7957,{"date":463,"score":275,"percentile":464},"2026-01-29",0.79569,{"date":466,"score":275,"percentile":458},"2026-01-30",{"date":468,"score":275,"percentile":469},"2026-01-31",0.79576,{"date":471,"score":275,"percentile":472},"2026-02-01",0.7967,[474,479],{"source":119,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":475,"cvss_v4_0":9},{"baseScore":117,"baseSeverity":476,"vectorString":120,"impactScore":477,"exploitabilityScore":478},"MEDIUM",6,7.2,{"source":125,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":480,"cvss_v4_0":9},{"baseScore":117,"baseSeverity":476,"vectorString":120,"impactScore":477,"exploitabilityScore":478},[482,491,497,503,509,515,521,527,533,538,543,560,569,578,587],{"ecosystem":9,"name":483,"vendor":484,"product":485,"cpe_part":486,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":487},"enterprise linux","redhat","enterprise_linux","o",[488],{"version":489,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0","cpe",{"ecosystem":9,"name":492,"vendor":484,"product":493,"cpe_part":486,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":494},"enterprise linux eus","enterprise_linux_eus",[495],{"version":496,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.4",{"ecosystem":9,"name":498,"vendor":484,"product":499,"cpe_part":486,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":500},"enterprise linux for arm 64","enterprise_linux_for_arm_64",[501],{"version":502,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0_aarch64",{"ecosystem":9,"name":504,"vendor":484,"product":505,"cpe_part":486,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":506},"enterprise linux for arm 64 eus","enterprise_linux_for_arm_64_eus",[507],{"version":508,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.4_aarch64",{"ecosystem":9,"name":510,"vendor":484,"product":511,"cpe_part":486,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":512},"enterprise linux for ibm z systems","enterprise_linux_for_ibm_z_systems",[513],{"version":514,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0_s390x",{"ecosystem":9,"name":516,"vendor":484,"product":517,"cpe_part":486,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":518},"enterprise linux for ibm z systems eus","enterprise_linux_for_ibm_z_systems_eus",[519],{"version":520,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.4_s390x",{"ecosystem":9,"name":522,"vendor":484,"product":523,"cpe_part":486,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":524},"enterprise linux for power little endian","enterprise_linux_for_power_little_endian",[525],{"version":526,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.0_ppc64le",{"ecosystem":9,"name":528,"vendor":484,"product":529,"cpe_part":486,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":530},"enterprise linux for power little endian eus","enterprise_linux_for_power_little_endian_eus",[531],{"version":532,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"9.4_ppc64le",{"ecosystem":9,"name":534,"vendor":484,"product":535,"cpe_part":486,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":536},"enterprise linux server aus","enterprise_linux_server_aus",[537],{"version":496,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":539,"vendor":484,"product":540,"cpe_part":486,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":541},"enterprise linux server for power little endian update services for sap solutions","enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions",[542],{"version":532,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":544,"vendor":484,"product":545,"cpe_part":546,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":547},"openshift container platform","openshift_container_platform","a",[548,550,552,554,556,558],{"version":549,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.12",{"version":551,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.13",{"version":553,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.14",{"version":555,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.15",{"version":557,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.16",{"version":559,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.17",{"ecosystem":9,"name":561,"vendor":484,"product":562,"cpe_part":546,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":563},"openshift container platform for arm64","openshift_container_platform_for_arm64",[564,565,566,567,568],{"version":549,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":551,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":553,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":555,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":557,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":570,"vendor":484,"product":571,"cpe_part":546,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":572},"openshift container platform for ibm z","openshift_container_platform_for_ibm_z",[573,574,575,576,577],{"version":549,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":551,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":553,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":555,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":557,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":579,"vendor":484,"product":580,"cpe_part":546,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":581},"openshift container platform for linuxone","openshift_container_platform_for_linuxone",[582,583,584,585,586],{"version":549,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":551,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":553,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":555,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":557,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"ecosystem":9,"name":588,"vendor":484,"product":589,"cpe_part":546,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":590},"openshift container platform for power","openshift_container_platform_for_power",[591,592,593,594,595],{"version":549,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":551,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":553,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":555,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},{"version":557,"is_range":113,"range_type":490,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9}]