{ "advisoryKey": "CVE-2025-4242", "affectedPackages": [ { "type": "cpe", "identifier": "cpe:2.3:a:conflict:package:1.0:*:*:*:*:*:*:*", "platform": null, "versionRanges": [ { "fixedVersion": "1.4", "introducedVersion": "1.0", "lastAffectedVersion": "1.0", "primitives": { "evr": null, "hasVendorExtensions": true, "nevra": null, "semVer": { "constraintExpression": ">=1.0 <1.4 ==1.0", "exactValue": "1.0.0", "fixed": "1.4.0", "fixedInclusive": false, "introduced": "1.0.0", "introducedInclusive": true, "lastAffected": "1.0.0", "lastAffectedInclusive": true, "style": "exact" }, "vendorExtensions": { "versionStartIncluding": "1.0", "versionEndExcluding": "1.4", "version": "1.0" } }, "provenance": { "source": "nvd", "kind": "cpe", "value": "https://services.nvd.nist.gov/rest/json/cve/2.0?cveId=CVE-2025-4242", "decisionReason": null, "recordedAt": "2025-03-04T02:00:00+00:00", "fieldMask": [ "affectedpackages[].versionranges[]" ] }, "rangeExpression": ">=1.0 <1.4 ==1.0", "rangeKind": "cpe" } ], "normalizedVersions": [ { "scheme": "semver", "type": "exact", "min": null, "minInclusive": null, "max": null, "maxInclusive": null, "value": "1.0.0", "notes": "nvd:CVE-2025-4242" } ], "statuses": [], "provenance": [ { "source": "nvd", "kind": "cpe", "value": "https://services.nvd.nist.gov/rest/json/cve/2.0?cveId=CVE-2025-4242", "decisionReason": null, "recordedAt": "2025-03-04T02:00:00+00:00", "fieldMask": [ "affectedpackages[]" ] } ] } ], "aliases": [ "CVE-2025-4242" ], "canonicalMetricId": "3.1|CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "credits": [], "cvssMetrics": [ { "baseScore": 9.8, "baseSeverity": "critical", "provenance": { "source": "nvd", "kind": "cvss", "value": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "decisionReason": null, "recordedAt": "2025-03-04T02:00:00+00:00", "fieldMask": [ "cvssmetrics[]" ] }, "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } ], "cwes": [ { "taxonomy": "cwe", "identifier": "CWE-269", "name": null, "uri": "https://cwe.mitre.org/data/definitions/269.html", "provenance": [ { "source": "nvd", "kind": "weakness", "value": "CWE-269", "decisionReason": null, "recordedAt": "2025-03-04T02:00:00+00:00", "fieldMask": [ "cwes[]" ] } ] } ], "description": "NVD baseline summary for conflict-package allowing container escape.", "exploitKnown": false, "language": "en", "modified": "2025-03-03T09:45:00+00:00", "provenance": [ { "source": "nvd", "kind": "document", "value": "https://services.nvd.nist.gov/rest/json/cve/2.0?cveId=CVE-2025-4242", "decisionReason": null, "recordedAt": "2025-03-03T10:00:00+00:00", "fieldMask": [ "advisory" ] }, { "source": "nvd", "kind": "mapping", "value": "CVE-2025-4242", "decisionReason": null, "recordedAt": "2025-03-04T02:00:00+00:00", "fieldMask": [ "advisory" ] } ], "published": "2025-03-01T10:15:00+00:00", "references": [ { "kind": "weakness", "provenance": { "source": "nvd", "kind": "reference", "value": "https://cwe.mitre.org/data/definitions/269.html", "decisionReason": null, "recordedAt": "2025-03-04T02:00:00+00:00", "fieldMask": [ "references[]" ] }, "sourceTag": "CWE-269", "summary": null, "url": "https://cwe.mitre.org/data/definitions/269.html" }, { "kind": "vendor advisory", "provenance": { "source": "nvd", "kind": "reference", "value": "https://nvd.nist.gov/vuln/detail/CVE-2025-4242", "decisionReason": null, "recordedAt": "2025-03-04T02:00:00+00:00", "fieldMask": [ "references[]" ] }, "sourceTag": "NVD", "summary": null, "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4242" } ], "severity": "critical", "summary": "NVD baseline summary for conflict-package allowing container escape.", "title": "CVE-2025-4242" }