{ "document": { "aggregate_severity": { "text": "Medium" }, "category": "csaf_vex", "csaf_version": "2.0", "distribution": { "text": "TuxCare License Agreement", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Cloud Linux Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://tuxcare.com/contact/", "name": "TuxCare", "namespace": "https://tuxcare.com/" }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://security.tuxcare.com/csaf/v2/els_os/centos8.5els/vex/2024/cve-2024-24789-els_os-centos8_5els.json" } ], "tracking": { "current_release_date": "2026-04-08T20:40:27Z", "generator": { "date": "2026-04-08T20:40:27Z", "engine": { "name": "pyCSAF" } }, "id": "CVE-2024-24789-ELS_OS-CENTOS8.5ELS", "initial_release_date": "2024-06-05T16:15:00Z", "revision_history": [ { "date": "2024-06-05T16:15:00Z", "number": "1", "summary": "Initial version" }, { "date": "2026-04-08T20:10:44Z", "number": "2", "summary": "Official Publication" }, { "date": "2026-04-08T20:40:27Z", "number": "3", "summary": "Update document" } ], "status": "final", "version": "3" }, "title": "Security update on CVE-2024-24789" }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "pam-0:1.3.1-15.el8.x86_64", "product": { "name": "pam-0:1.3.1-15.el8.x86_64", "product_id": "pam-0:1.3.1-15.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/centos/pam@1.3.1-15.el8?arch=x86_64" } } }, { "category": "product_version", "name": "pam-devel-0:1.3.1-15.el8.x86_64", "product": { "name": "pam-devel-0:1.3.1-15.el8.x86_64", "product_id": "pam-devel-0:1.3.1-15.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/centos/pam-devel@1.3.1-15.el8?arch=x86_64" } } }, { "category": "product_version", "name": "libstdc++-devel-0:8.5.0-4.el8_5.x86_64", "product": { "name": "libstdc++-devel-0:8.5.0-4.el8_5.x86_64", "product_id": "libstdc++-devel-0:8.5.0-4.el8_5.x86_64", "product_identification_helper": { "purl": "pkg:rpm/centos/libstdc++-devel@8.5.0-4.el8_5?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "pam-0:1.3.1-15.el8.i686", "product": { "name": "pam-0:1.3.1-15.el8.i686", "product_id": "pam-0:1.3.1-15.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/centos/pam@1.3.1-15.el8?arch=i686" } } }, { "category": "product_version", "name": "pam-devel-0:1.3.1-15.el8.i686", "product": { "name": "pam-devel-0:1.3.1-15.el8.i686", "product_id": "pam-devel-0:1.3.1-15.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/centos/pam-devel@1.3.1-15.el8?arch=i686" } } }, { "category": "product_version", "name": "libstdc++-devel-0:8.5.0-4.el8_5.i686", "product": { "name": "libstdc++-devel-0:8.5.0-4.el8_5.i686", "product_id": "libstdc++-devel-0:8.5.0-4.el8_5.i686", "product_identification_helper": { "purl": "pkg:rpm/centos/libstdc++-devel@8.5.0-4.el8_5?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_name", "name": "Community Enterprise Operating System 8.5", "product": { "name": "Community Enterprise Operating System 8.5", "product_id": "CentOS-8.5", "product_identification_helper": { "cpe": "cpe:2.3:o:centos:centos:8.5:*:*:*:*:*:*:*" } } } ], "category": "product_family", "name": "Community Enterprise Operating System" } ], "category": "vendor", "name": "Red Hat, Inc." }, { "branches": [ { "branches": [ { "category": "product_version", "name": "pam-0:1.3.1-15.el8.tuxcare.els1.x86_64", "product": { "name": "pam-0:1.3.1-15.el8.tuxcare.els1.x86_64", "product_id": "pam-0:1.3.1-15.el8.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/pam@1.3.1-15.el8.tuxcare.els1?arch=x86_64" } } }, { "category": "product_version", "name": "pam-0:1.3.1-15.el8.tuxcare.els2.x86_64", "product": { "name": "pam-0:1.3.1-15.el8.tuxcare.els2.x86_64", "product_id": "pam-0:1.3.1-15.el8.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/pam@1.3.1-15.el8.tuxcare.els2?arch=x86_64" } } }, { "category": "product_version", "name": "pam-devel-0:1.3.1-15.el8.tuxcare.els2.x86_64", "product": { "name": "pam-devel-0:1.3.1-15.el8.tuxcare.els2.x86_64", "product_id": "pam-devel-0:1.3.1-15.el8.tuxcare.els2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/pam-devel@1.3.1-15.el8.tuxcare.els2?arch=x86_64" } } }, { "category": "product_version", "name": "pam-devel-0:1.3.1-15.el8.tuxcare.els1.x86_64", "product": { "name": "pam-devel-0:1.3.1-15.el8.tuxcare.els1.x86_64", "product_id": "pam-devel-0:1.3.1-15.el8.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/pam-devel@1.3.1-15.el8.tuxcare.els1?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "pam-0:1.3.1-15.el8.tuxcare.els1.i686", "product": { "name": "pam-0:1.3.1-15.el8.tuxcare.els1.i686", "product_id": "pam-0:1.3.1-15.el8.tuxcare.els1.i686", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/pam@1.3.1-15.el8.tuxcare.els1?arch=i686" } } }, { "category": "product_version", "name": "pam-0:1.3.1-15.el8.tuxcare.els2.i686", "product": { "name": "pam-0:1.3.1-15.el8.tuxcare.els2.i686", "product_id": "pam-0:1.3.1-15.el8.tuxcare.els2.i686", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/pam@1.3.1-15.el8.tuxcare.els2?arch=i686" } } }, { "category": "product_version", "name": "pam-devel-0:1.3.1-15.el8.tuxcare.els2.i686", "product": { "name": "pam-devel-0:1.3.1-15.el8.tuxcare.els2.i686", "product_id": "pam-devel-0:1.3.1-15.el8.tuxcare.els2.i686", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/pam-devel@1.3.1-15.el8.tuxcare.els2?arch=i686" } } }, { "category": "product_version", "name": "pam-devel-0:1.3.1-15.el8.tuxcare.els1.i686", "product": { "name": "pam-devel-0:1.3.1-15.el8.tuxcare.els1.i686", "product_id": "pam-devel-0:1.3.1-15.el8.tuxcare.els1.i686", "product_identification_helper": { "purl": "pkg:rpm/cloudlinux/pam-devel@1.3.1-15.el8.tuxcare.els1?arch=i686" } } } ], "category": "architecture", "name": "i686" } ], "category": "vendor", "name": "CloudLinux" }, { "branches": [ { "branches": [ { "category": "product_version", "name": "libstdc++-devel-0:8.5.0-4.el8_5.tuxcare.els1.i686", "product": { "name": "libstdc++-devel-0:8.5.0-4.el8_5.tuxcare.els1.i686", "product_id": "libstdc++-devel-0:8.5.0-4.el8_5.tuxcare.els1.i686", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/libstdc++-devel@8.5.0-4.el8_5.tuxcare.els1?arch=i686" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "libstdc++-devel-0:8.5.0-4.el8_5.tuxcare.els1.x86_64", "product": { "name": "libstdc++-devel-0:8.5.0-4.el8_5.tuxcare.els1.x86_64", "product_id": "libstdc++-devel-0:8.5.0-4.el8_5.tuxcare.els1.x86_64", "product_identification_helper": { "purl": "pkg:rpm/tuxcare/libstdc++-devel@8.5.0-4.el8_5.tuxcare.els1?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "TuxCare" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "pam-0:1.3.1-15.el8.tuxcare.els1.x86_64 as a component of Community Enterprise Operating System 8.5", "product_id": "CentOS-8.5:pam-0:1.3.1-15.el8.tuxcare.els1.x86_64" }, "product_reference": "pam-0:1.3.1-15.el8.tuxcare.els1.x86_64", "relates_to_product_reference": "CentOS-8.5" }, { "category": "default_component_of", "full_product_name": { "name": "pam-0:1.3.1-15.el8.x86_64 as a component of Community Enterprise Operating System 8.5", "product_id": "CentOS-8.5:pam-0:1.3.1-15.el8.x86_64" }, "product_reference": "pam-0:1.3.1-15.el8.x86_64", "relates_to_product_reference": "CentOS-8.5" }, { "category": "default_component_of", "full_product_name": { "name": "pam-0:1.3.1-15.el8.tuxcare.els1.i686 as a component of Community Enterprise Operating System 8.5", "product_id": "CentOS-8.5:pam-0:1.3.1-15.el8.tuxcare.els1.i686" }, "product_reference": "pam-0:1.3.1-15.el8.tuxcare.els1.i686", "relates_to_product_reference": "CentOS-8.5" }, { "category": "default_component_of", "full_product_name": { "name": "pam-0:1.3.1-15.el8.i686 as a component of Community Enterprise Operating System 8.5", "product_id": "CentOS-8.5:pam-0:1.3.1-15.el8.i686" }, "product_reference": "pam-0:1.3.1-15.el8.i686", "relates_to_product_reference": "CentOS-8.5" }, { "category": "default_component_of", "full_product_name": { "name": "pam-0:1.3.1-15.el8.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 8.5", "product_id": "CentOS-8.5:pam-0:1.3.1-15.el8.tuxcare.els2.x86_64" }, "product_reference": "pam-0:1.3.1-15.el8.tuxcare.els2.x86_64", "relates_to_product_reference": "CentOS-8.5" }, { "category": "default_component_of", "full_product_name": { "name": "pam-0:1.3.1-15.el8.tuxcare.els2.i686 as a component of Community Enterprise Operating System 8.5", "product_id": "CentOS-8.5:pam-0:1.3.1-15.el8.tuxcare.els2.i686" }, "product_reference": "pam-0:1.3.1-15.el8.tuxcare.els2.i686", "relates_to_product_reference": "CentOS-8.5" }, { "category": "default_component_of", "full_product_name": { "name": "pam-devel-0:1.3.1-15.el8.tuxcare.els2.i686 as a component of Community Enterprise Operating System 8.5", "product_id": "CentOS-8.5:pam-devel-0:1.3.1-15.el8.tuxcare.els2.i686" }, "product_reference": "pam-devel-0:1.3.1-15.el8.tuxcare.els2.i686", "relates_to_product_reference": "CentOS-8.5" }, { "category": "default_component_of", "full_product_name": { "name": "pam-devel-0:1.3.1-15.el8.i686 as a component of Community Enterprise Operating System 8.5", "product_id": "CentOS-8.5:pam-devel-0:1.3.1-15.el8.i686" }, "product_reference": "pam-devel-0:1.3.1-15.el8.i686", "relates_to_product_reference": "CentOS-8.5" }, { "category": "default_component_of", "full_product_name": { "name": "pam-devel-0:1.3.1-15.el8.tuxcare.els2.x86_64 as a component of Community Enterprise Operating System 8.5", "product_id": "CentOS-8.5:pam-devel-0:1.3.1-15.el8.tuxcare.els2.x86_64" }, "product_reference": "pam-devel-0:1.3.1-15.el8.tuxcare.els2.x86_64", "relates_to_product_reference": "CentOS-8.5" }, { "category": "default_component_of", "full_product_name": { "name": "pam-devel-0:1.3.1-15.el8.x86_64 as a component of Community Enterprise Operating System 8.5", "product_id": "CentOS-8.5:pam-devel-0:1.3.1-15.el8.x86_64" }, "product_reference": "pam-devel-0:1.3.1-15.el8.x86_64", "relates_to_product_reference": "CentOS-8.5" }, { "category": "default_component_of", "full_product_name": { "name": "pam-devel-0:1.3.1-15.el8.tuxcare.els1.x86_64 as a component of Community Enterprise Operating System 8.5", "product_id": "CentOS-8.5:pam-devel-0:1.3.1-15.el8.tuxcare.els1.x86_64" }, "product_reference": "pam-devel-0:1.3.1-15.el8.tuxcare.els1.x86_64", "relates_to_product_reference": "CentOS-8.5" }, { "category": "default_component_of", "full_product_name": { "name": "pam-devel-0:1.3.1-15.el8.tuxcare.els1.i686 as a component of Community Enterprise Operating System 8.5", "product_id": "CentOS-8.5:pam-devel-0:1.3.1-15.el8.tuxcare.els1.i686" }, "product_reference": "pam-devel-0:1.3.1-15.el8.tuxcare.els1.i686", "relates_to_product_reference": "CentOS-8.5" }, { "category": "default_component_of", "full_product_name": { "name": "libstdc++-devel-0:8.5.0-4.el8_5.tuxcare.els1.i686 as a component of Community Enterprise Operating System 8.5", "product_id": "CentOS-8.5:libstdc++-devel-0:8.5.0-4.el8_5.tuxcare.els1.i686" }, "product_reference": "libstdc++-devel-0:8.5.0-4.el8_5.tuxcare.els1.i686", "relates_to_product_reference": "CentOS-8.5" }, { "category": "default_component_of", "full_product_name": { "name": "libstdc++-devel-0:8.5.0-4.el8_5.i686 as a component of Community Enterprise Operating System 8.5", "product_id": "CentOS-8.5:libstdc++-devel-0:8.5.0-4.el8_5.i686" }, "product_reference": "libstdc++-devel-0:8.5.0-4.el8_5.i686", "relates_to_product_reference": "CentOS-8.5" }, { "category": "default_component_of", "full_product_name": { "name": "libstdc++-devel-0:8.5.0-4.el8_5.tuxcare.els1.x86_64 as a component of Community Enterprise Operating System 8.5", "product_id": "CentOS-8.5:libstdc++-devel-0:8.5.0-4.el8_5.tuxcare.els1.x86_64" }, "product_reference": "libstdc++-devel-0:8.5.0-4.el8_5.tuxcare.els1.x86_64", "relates_to_product_reference": "CentOS-8.5" }, { "category": "default_component_of", "full_product_name": { "name": "libstdc++-devel-0:8.5.0-4.el8_5.x86_64 as a component of Community Enterprise Operating System 8.5", "product_id": "CentOS-8.5:libstdc++-devel-0:8.5.0-4.el8_5.x86_64" }, "product_reference": "libstdc++-devel-0:8.5.0-4.el8_5.x86_64", "relates_to_product_reference": "CentOS-8.5" } ] }, "vulnerabilities": [ { "cve": "CVE-2024-24789", "notes": [ { "category": "description", "text": "The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create an zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors.", "title": "Vulnerability description" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "known_affected": [ "CentOS-8.5:libstdc++-devel-0:8.5.0-4.el8_5.i686", "CentOS-8.5:libstdc++-devel-0:8.5.0-4.el8_5.tuxcare.els1.i686", "CentOS-8.5:libstdc++-devel-0:8.5.0-4.el8_5.tuxcare.els1.x86_64", "CentOS-8.5:libstdc++-devel-0:8.5.0-4.el8_5.x86_64", "CentOS-8.5:pam-0:1.3.1-15.el8.i686", "CentOS-8.5:pam-0:1.3.1-15.el8.tuxcare.els1.i686", "CentOS-8.5:pam-0:1.3.1-15.el8.tuxcare.els1.x86_64", "CentOS-8.5:pam-0:1.3.1-15.el8.tuxcare.els2.i686", "CentOS-8.5:pam-0:1.3.1-15.el8.tuxcare.els2.x86_64", "CentOS-8.5:pam-0:1.3.1-15.el8.x86_64", "CentOS-8.5:pam-devel-0:1.3.1-15.el8.i686", "CentOS-8.5:pam-devel-0:1.3.1-15.el8.tuxcare.els1.i686", "CentOS-8.5:pam-devel-0:1.3.1-15.el8.tuxcare.els1.x86_64", "CentOS-8.5:pam-devel-0:1.3.1-15.el8.tuxcare.els2.i686", "CentOS-8.5:pam-devel-0:1.3.1-15.el8.tuxcare.els2.x86_64", "CentOS-8.5:pam-devel-0:1.3.1-15.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://cve.tuxcare.com/els/cve/CVE-2024-24789" }, { "category": "external", "summary": "http://www.openwall.com/lists/oss-security/2024/06/04/1", "url": "http://www.openwall.com/lists/oss-security/2024/06/04/1" }, { "category": "external", "summary": "https://go.dev/cl/585397", "url": "https://go.dev/cl/585397" }, { "category": "external", "summary": "https://go.dev/issue/66869", "url": "https://go.dev/issue/66869" }, { "category": "external", "summary": "https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ", "url": "https://groups.google.com/g/golang-announce/c/XbxouI9gY7k/m/TuoGEhxIEwAJ" }, { "category": "external", "summary": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5YAEIA6IUHUNGJ7AIXXPQT6D2GYENX7/" }, { "category": "external", "summary": "https://pkg.go.dev/vuln/GO-2024-2888", "url": "https://pkg.go.dev/vuln/GO-2024-2888" }, { "category": "external", "summary": "https://security.netapp.com/advisory/ntap-20250131-0008/", "url": "https://security.netapp.com/advisory/ntap-20250131-0008/" } ], "release_date": "2024-06-05T16:15:00Z", "remediations": [ { "category": "no_fix_planned", "details": "This flaw only applies when a Go program using archive/zip is made to parse a deliberately malformed ZIP; there is no remote trigger, code execution, data disclosure, or availability impact, and the effect is limited to integrity confusion about the archive’s contents. Systems that do not ingest untrusted ZIPs with Go’s archive/zip have no practical exposure. Given the local attack vector, narrow preconditions, and integrity-only impact, it can be safely deprioritized in managed server/VM environments.", "product_ids": [ "CentOS-8.5:libstdc++-devel-0:8.5.0-4.el8_5.i686", "CentOS-8.5:libstdc++-devel-0:8.5.0-4.el8_5.tuxcare.els1.i686", "CentOS-8.5:libstdc++-devel-0:8.5.0-4.el8_5.tuxcare.els1.x86_64", "CentOS-8.5:libstdc++-devel-0:8.5.0-4.el8_5.x86_64", "CentOS-8.5:pam-0:1.3.1-15.el8.i686", "CentOS-8.5:pam-0:1.3.1-15.el8.tuxcare.els1.i686", "CentOS-8.5:pam-0:1.3.1-15.el8.tuxcare.els1.x86_64", "CentOS-8.5:pam-0:1.3.1-15.el8.tuxcare.els2.i686", "CentOS-8.5:pam-0:1.3.1-15.el8.tuxcare.els2.x86_64", "CentOS-8.5:pam-0:1.3.1-15.el8.x86_64", "CentOS-8.5:pam-devel-0:1.3.1-15.el8.i686", "CentOS-8.5:pam-devel-0:1.3.1-15.el8.tuxcare.els1.i686", "CentOS-8.5:pam-devel-0:1.3.1-15.el8.tuxcare.els1.x86_64", "CentOS-8.5:pam-devel-0:1.3.1-15.el8.tuxcare.els2.i686", "CentOS-8.5:pam-devel-0:1.3.1-15.el8.tuxcare.els2.x86_64", "CentOS-8.5:pam-devel-0:1.3.1-15.el8.x86_64" ] }, { "category": "no_fix_planned", "details": "CVE-2024-24789 affects only Go’s archive/zip when parsing deliberately malformed ZIPs (bogus EOCDR comment length), causing content ambiguity rather than code execution, data disclosure, or service disruption. Exploitation requires a Go-based component that ingests attacker-supplied ZIP data locally; systems that do not process untrusted ZIP input via archive/zip are not exposed. With a local attack vector, integrity-only impact, and no confidentiality or availability effect, this is a low-priority issue for centrally managed servers and VMs.", "product_ids": [ "CentOS-8.5:libstdc++-devel-0:8.5.0-4.el8_5.i686", "CentOS-8.5:libstdc++-devel-0:8.5.0-4.el8_5.tuxcare.els1.i686", "CentOS-8.5:libstdc++-devel-0:8.5.0-4.el8_5.tuxcare.els1.x86_64", "CentOS-8.5:libstdc++-devel-0:8.5.0-4.el8_5.x86_64", "CentOS-8.5:pam-0:1.3.1-15.el8.i686", "CentOS-8.5:pam-0:1.3.1-15.el8.tuxcare.els1.i686", "CentOS-8.5:pam-0:1.3.1-15.el8.tuxcare.els1.x86_64", "CentOS-8.5:pam-0:1.3.1-15.el8.tuxcare.els2.i686", "CentOS-8.5:pam-0:1.3.1-15.el8.tuxcare.els2.x86_64", "CentOS-8.5:pam-0:1.3.1-15.el8.x86_64", "CentOS-8.5:pam-devel-0:1.3.1-15.el8.i686", "CentOS-8.5:pam-devel-0:1.3.1-15.el8.tuxcare.els1.i686", "CentOS-8.5:pam-devel-0:1.3.1-15.el8.tuxcare.els1.x86_64", "CentOS-8.5:pam-devel-0:1.3.1-15.el8.tuxcare.els2.i686", "CentOS-8.5:pam-devel-0:1.3.1-15.el8.tuxcare.els2.x86_64", "CentOS-8.5:pam-devel-0:1.3.1-15.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1" }, "products": [ "CentOS-8.5:libstdc++-devel-0:8.5.0-4.el8_5.i686", "CentOS-8.5:libstdc++-devel-0:8.5.0-4.el8_5.tuxcare.els1.i686", "CentOS-8.5:libstdc++-devel-0:8.5.0-4.el8_5.tuxcare.els1.x86_64", "CentOS-8.5:libstdc++-devel-0:8.5.0-4.el8_5.x86_64", "CentOS-8.5:pam-0:1.3.1-15.el8.i686", "CentOS-8.5:pam-0:1.3.1-15.el8.tuxcare.els1.i686", "CentOS-8.5:pam-0:1.3.1-15.el8.tuxcare.els1.x86_64", "CentOS-8.5:pam-0:1.3.1-15.el8.tuxcare.els2.i686", "CentOS-8.5:pam-0:1.3.1-15.el8.tuxcare.els2.x86_64", "CentOS-8.5:pam-0:1.3.1-15.el8.x86_64", "CentOS-8.5:pam-devel-0:1.3.1-15.el8.i686", "CentOS-8.5:pam-devel-0:1.3.1-15.el8.tuxcare.els1.i686", "CentOS-8.5:pam-devel-0:1.3.1-15.el8.tuxcare.els1.x86_64", "CentOS-8.5:pam-devel-0:1.3.1-15.el8.tuxcare.els2.i686", "CentOS-8.5:pam-devel-0:1.3.1-15.el8.tuxcare.els2.x86_64", "CentOS-8.5:pam-devel-0:1.3.1-15.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ] } ] }