Refine your search
5 vulnerabilities found for apko by chainguard-dev
CVE-2026-25140 (GCVE-0-2026-25140)
Vulnerability from cvelistv5
Published
2026-02-04 19:02
Modified
2026-02-04 19:17
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-400 - Uncontrolled Resource Consumption
Summary
apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before 1.1.1, an attacker who controls or compromises an APK repository used by apko could cause resource exhaustion on the build host. The ExpandApk function in pkg/apk/expandapk/expandapk.go expands .apk streams without enforcing decompression limits, allowing a malicious repository to serve a small, highly-compressed .apk that inflates into a large tar stream, consuming excessive disk space and CPU time, causing build failures or denial of service. This issue has been patched in version 1.1.1.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| chainguard-dev | apko |
Version: >= 0.14.8, < 1.1.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25140",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-04T19:17:26.936567Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T19:17:36.596Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "apko",
"vendor": "chainguard-dev",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.14.8, \u003c 1.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before 1.1.1, an attacker who controls or compromises an APK repository used by apko could cause resource exhaustion on the build host. The ExpandApk function in pkg/apk/expandapk/expandapk.go expands .apk streams without enforcing decompression limits, allowing a malicious repository to serve a small, highly-compressed .apk that inflates into a large tar stream, consuming excessive disk space and CPU time, causing build failures or denial of service. This issue has been patched in version 1.1.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T19:02:20.988Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/chainguard-dev/apko/security/advisories/GHSA-f4w5-5xv9-85f6",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/chainguard-dev/apko/security/advisories/GHSA-f4w5-5xv9-85f6"
},
{
"name": "https://github.com/chainguard-dev/apko/commit/2be3903fe194ad46351840f0569b35f5ac965f09",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chainguard-dev/apko/commit/2be3903fe194ad46351840f0569b35f5ac965f09"
}
],
"source": {
"advisory": "GHSA-f4w5-5xv9-85f6",
"discovery": "UNKNOWN"
},
"title": "apko affected by potential unbounded resource consumption in expandapk.ExpandApk on attacker-controlled .apk streams"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-25140",
"datePublished": "2026-02-04T19:02:20.988Z",
"dateReserved": "2026-01-29T15:39:11.820Z",
"dateUpdated": "2026-02-04T19:17:36.596Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25121 (GCVE-0-2026-25121)
Vulnerability from cvelistv5
Published
2026-02-04 19:02
Modified
2026-02-04 19:18
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-23 - Relative Path Traversal
Summary
apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before 1.1.1, a path traversal vulnerability was discovered in apko's dirFS filesystem abstraction. An attacker who can supply a malicious APK package (e.g., via a compromised or typosquatted repository) could create directories or symlinks outside the intended installation root. The MkdirAll, Mkdir, and Symlink methods in pkg/apk/fs/rwosfs.go use filepath.Join() without validating that the resulting path stays within the base directory. This issue has been patched in version 1.1.1.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| chainguard-dev | apko |
Version: >= 0.14.8, < 1.1.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25121",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-04T19:18:20.797586Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T19:18:52.495Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "apko",
"vendor": "chainguard-dev",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.14.8, \u003c 1.1.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before 1.1.1, a path traversal vulnerability was discovered in apko\u0027s dirFS filesystem abstraction. An attacker who can supply a malicious APK package (e.g., via a compromised or typosquatted repository) could create directories or symlinks outside the intended installation root. The MkdirAll, Mkdir, and Symlink methods in pkg/apk/fs/rwosfs.go use filepath.Join() without validating that the resulting path stays within the base directory. This issue has been patched in version 1.1.1."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-23",
"description": "CWE-23: Relative Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T19:02:17.979Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/chainguard-dev/apko/security/advisories/GHSA-5g94-c2wx-8pxw",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/chainguard-dev/apko/security/advisories/GHSA-5g94-c2wx-8pxw"
},
{
"name": "https://github.com/chainguard-dev/apko/commit/d8b7887a968a527791b3c591ae83928cb49a9f14",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chainguard-dev/apko/commit/d8b7887a968a527791b3c591ae83928cb49a9f14"
}
],
"source": {
"advisory": "GHSA-5g94-c2wx-8pxw",
"discovery": "UNKNOWN"
},
"title": "apko is vulnerable to path traversal in apko dirFS which allows filesystem writes outside base"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-25121",
"datePublished": "2026-02-04T19:02:17.979Z",
"dateReserved": "2026-01-29T14:03:42.539Z",
"dateUpdated": "2026-02-04T19:18:52.495Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-25122 (GCVE-0-2026-25122)
Vulnerability from cvelistv5
Published
2026-02-04 19:02
Modified
2026-02-04 19:19
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-400 - Uncontrolled Resource Consumption
Summary
apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before 1.1.0, expandapk.Split drains the first gzip stream of an APK archive via io.Copy(io.Discard, gzi) without explicit bounds. With an attacker-controlled input stream, this can force large gzip inflation work and lead to resource exhaustion (availability impact). The Split function reads the first tar header, then drains the remainder of the gzip stream by reading from the gzip reader directly without any maximum uncompressed byte limit or inflate-ratio cap. A caller that parses attacker-controlled APK streams may be forced to spend excessive CPU time inflating gzip data, leading to timeouts or process slowdown. This issue has been patched in version 1.1.0.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| chainguard-dev | apko |
Version: >= 0.14.8, < 1.1.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-25122",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-02-04T19:19:20.825588Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T19:19:35.546Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "apko",
"vendor": "chainguard-dev",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.14.8, \u003c 1.1.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "apko allows users to build and publish OCI container images built from apk packages. From version 0.14.8 to before 1.1.0, expandapk.Split drains the first gzip stream of an APK archive via io.Copy(io.Discard, gzi) without explicit bounds. With an attacker-controlled input stream, this can force large gzip inflation work and lead to resource exhaustion (availability impact). The Split function reads the first tar header, then drains the remainder of the gzip stream by reading from the gzip reader directly without any maximum uncompressed byte limit or inflate-ratio cap. A caller that parses attacker-controlled APK streams may be forced to spend excessive CPU time inflating gzip data, leading to timeouts or process slowdown. This issue has been patched in version 1.1.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-02-04T19:02:15.838Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/chainguard-dev/apko/security/advisories/GHSA-6p9p-q6wh-9j89",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/chainguard-dev/apko/security/advisories/GHSA-6p9p-q6wh-9j89"
},
{
"name": "https://github.com/chainguard-dev/apko/commit/2be3903fe194ad46351840f0569b35f5ac965f09",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chainguard-dev/apko/commit/2be3903fe194ad46351840f0569b35f5ac965f09"
}
],
"source": {
"advisory": "GHSA-6p9p-q6wh-9j89",
"discovery": "UNKNOWN"
},
"title": "apko is vulnerable to unbounded resource consumption in expandapk.Split on attacker-controlled .apk streams"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-25122",
"datePublished": "2026-02-04T19:02:15.838Z",
"dateReserved": "2026-01-29T14:03:42.539Z",
"dateUpdated": "2026-02-04T19:19:35.546Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-53945 (GCVE-0-2025-53945)
Vulnerability from cvelistv5
Published
2025-07-18 15:35
Modified
2025-07-22 15:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-276 - Incorrect Default Permissions
Summary
apko allows users to build and publish OCI container images built from apk packages. Starting in version 0.27.0 and prior to version 0.29.5, critical files were inadvertently set to 0666, which could likely be abused for root escalation. Version 0.29.5 contains a fix for the issue.
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| chainguard-dev | apko |
Version: >= 0.27.0, < 0.29.5 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53945",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-22T15:03:34.863284Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-22T15:03:42.966Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "apko",
"vendor": "chainguard-dev",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.27.0, \u003c 0.29.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "apko allows users to build and publish OCI container images built from apk packages. Starting in version 0.27.0 and prior to version 0.29.5, critical files were inadvertently set to 0666, which could likely be abused for root escalation. Version 0.29.5 contains a fix for the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-276",
"description": "CWE-276: Incorrect Default Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-18T15:35:17.325Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/chainguard-dev/apko/security/advisories/GHSA-x6ph-r535-3vjw",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/chainguard-dev/apko/security/advisories/GHSA-x6ph-r535-3vjw"
},
{
"name": "https://github.com/chainguard-dev/apko/commit/04f37e2d50d5a502e155788561fb7d40de705bd9",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chainguard-dev/apko/commit/04f37e2d50d5a502e155788561fb7d40de705bd9"
},
{
"name": "https://github.com/chainguard-dev/apko/commit/aedb0772d6bf6e74d8f17690946dbc791d0f6af3",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chainguard-dev/apko/commit/aedb0772d6bf6e74d8f17690946dbc791d0f6af3"
},
{
"name": "https://github.com/chainguard-dev/apko/releases/tag/v0.27.0",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chainguard-dev/apko/releases/tag/v0.27.0"
},
{
"name": "https://github.com/chainguard-dev/apko/releases/tag/v0.29.5",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chainguard-dev/apko/releases/tag/v0.29.5"
}
],
"source": {
"advisory": "GHSA-x6ph-r535-3vjw",
"discovery": "UNKNOWN"
},
"title": "apko has incorrect permission (0666) in /etc/ld.so.cache and other files"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-53945",
"datePublished": "2025-07-18T15:35:17.325Z",
"dateReserved": "2025-07-14T17:23:35.262Z",
"dateUpdated": "2025-07-22T15:03:42.966Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-36127 (GCVE-0-2024-36127)
Vulnerability from cvelistv5
Published
2024-06-03 14:49
Modified
2024-09-03 15:49
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
apko is an apk-based OCI image builder. apko exposures HTTP basic auth credentials from repository and keyring URLs in log output. This vulnerability is fixed in v0.14.5.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| chainguard-dev | apko |
Version: < 0.14.5 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T03:30:13.123Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/chainguard-dev/apko/security/advisories/GHSA-v6mg-7f7p-qmqp",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/chainguard-dev/apko/security/advisories/GHSA-v6mg-7f7p-qmqp"
},
{
"name": "https://github.com/chainguard-dev/apko/commit/2c0533e4d52e83031a04f6a83ec63fc2a11eff01",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/chainguard-dev/apko/commit/2c0533e4d52e83031a04f6a83ec63fc2a11eff01"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:chainguard-dev:apko:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "apko",
"vendor": "chainguard-dev",
"versions": [
{
"lessThan": "0.14.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-36127",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T19:11:57.608124Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-03T15:49:45.766Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "apko",
"vendor": "chainguard-dev",
"versions": [
{
"status": "affected",
"version": "\u003c 0.14.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "apko is an apk-based OCI image builder. apko exposures HTTP basic auth credentials from repository and keyring URLs in log output. This vulnerability is fixed in v0.14.5."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522: Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532: Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-03T14:49:39.055Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/chainguard-dev/apko/security/advisories/GHSA-v6mg-7f7p-qmqp",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/chainguard-dev/apko/security/advisories/GHSA-v6mg-7f7p-qmqp"
},
{
"name": "https://github.com/chainguard-dev/apko/commit/2c0533e4d52e83031a04f6a83ec63fc2a11eff01",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/chainguard-dev/apko/commit/2c0533e4d52e83031a04f6a83ec63fc2a11eff01"
}
],
"source": {
"advisory": "GHSA-v6mg-7f7p-qmqp",
"discovery": "UNKNOWN"
},
"title": "apko Exposure of HTTP basic auth credentials in log output"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-36127",
"datePublished": "2024-06-03T14:49:39.055Z",
"dateReserved": "2024-05-20T21:07:48.190Z",
"dateUpdated": "2024-09-03T15:49:45.766Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}