"data": { "vulnerability": { "severity": "High", "packa

1. "data": {
2.       "vulnerability": {
3.         "severity": "High",
4.         "package": {
5.           "condition": "Package unfixed",
6.           "name": "rpm-common",
7.           "source": "rpm",
8.           "version": "4.14.2.1+dfsg1-1build2",
9.           "architecture": "amd64"
10.         },
11.         "references": [
12.           "https://bugzilla.redhat.com/show_bug.cgi?id=1964114",
13.           "https://github.com/rpm-software-management/rpm/pull/1919",
14.           "https://bugzilla.suse.com/show_bug.cgi?id=1157880",
15.           "https://github.com/rpm-software-management/rpm/commit/25a435e90844ea98fe5eb7bef22c1aecf3a9c033",
16.           "https://access.redhat.com/security/cve/CVE-2021-35938",
17.           "https://rpm.org/wiki/Releases/4.18.0",
18.           "https://nvd.nist.gov/vuln/detail/CVE-2021-35938",
19.           "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-35938",
20.           "https://ubuntu.com/security/CVE-2021-35938"
21.         ],
22.         "cve_version": "4.0",
23.         "assigner": "secalert@redhat.com",
24.         "published": "2022-08-25",
25.         "cwe_reference": "CWE-59",
26.         "title": "CVE-2021-35938 affects rpm-common",
27.         "type": "PACKAGE",
28.         "rationale": "A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
29.         "cve": "CVE-2021-35938",
30.         "cvss": {
31.           "cvss3": {
32.             "base_score": "7.800000",
33.             "vector": {
34.               "user_interaction": "none",
35.               "integrity_impact": "high",
36.               "scope": "unchanged",
37.               "confidentiality_impact": "high",
38.               "availability": "high",
39.               "attack_vector": "local",
40.               "access_complexity": "low",
41.               "privileges_required": "low"
42.             }
43.           }
44.         },
45.         "updated": "2022-08-31",
46.         "status": "Active"
47.       }
48.     },
49.     "rule": {
50.       "firedtimes": 458,
51.       "mail": false,
52.       "level": 10,
53.       "pci_dss": [
54.         "11.2.1",
55.         "11.2.3"
56.       ],
57.       "tsc": [
58.         "CC7.1",
59.         "CC7.2"
60.       ],
61.       "description": "CVE-2021-35938 affects rpm-common",
62.       "groups": [
63.         "vulnerability-detector"
64.       ],
65.       "id": "23505",
66.       "gdpr": [
67.         "IV_35.7.d"
68.       ]
69.     },
70.     "location": "vulnerability-detector",
71.     "decoder": {
72.       "name": "json"
73.     },
74.     "id": "1664242144.7029312",
75.     "timestamp": "2022-09-27T04:29:04.491+0300"
76.   },
77.   "fields": {
78.     "data.vulnerability.published": [
79.       "2022-08-25T00:00:00.000Z"
80.     ],
81.     "data.vulnerability.updated": [
82.       "2022-08-31T00:00:00.000Z"
83.     ],
84.     "timestamp": [
85.       "2022-09-27T01:29:04.491Z"
86.     ]
87.   },
88.   "highlight": {
89.     "agent.id": [
90.       "@opensearch-dashboards-highlighted-field@010@/opensearch-dashboards-highlighted-field@"
91.     ],
92.     "manager.name": [
93.       "@opensearch-dashboards-highlighted-field@localhost.localdomain@/opensearch-dashboards-highlighted-field@"
94.     ],
95.     "rule.groups": [
96.       "@opensearch-dashboards-highlighted-field@vulnerability-detector@/opensearch-dashboards-highlighted-field@"
97.     ]
98.   },
99.   "sort": [
100.     1664242144491
101.   ]
102. }