Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/python-urllib3@1.24.3-1?arch=el7
Typerpm
Namespaceredhat
Namepython-urllib3
Version1.24.3-1
Qualifiers
arch el7
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-6kxp-qa5x-q3bq
vulnerability_id VCID-6kxp-qa5x-q3bq
summary The urllib3 library before 1.24.2 for Python mishandles certain cases where the desired set of CA certificates is different from the OS store of CA certificates, which results in SSL connections succeeding in situations where a verification failure is the correct outcome. This is related to use of the ssl_context, ca_certs, or ca_certs_dir argument.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html
2
reference_url https://access.redhat.com/errata/RHSA-2019:3335
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3335
3
reference_url https://access.redhat.com/errata/RHSA-2019:3590
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3590
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11324.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11324.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-11324
reference_id
reference_type
scores
0
value 0.01315
scoring_system epss
scoring_elements 0.79869
published_at 2026-04-18T12:55:00Z
1
value 0.01315
scoring_system epss
scoring_elements 0.79868
published_at 2026-04-16T12:55:00Z
2
value 0.01315
scoring_system epss
scoring_elements 0.7984
published_at 2026-04-13T12:55:00Z
3
value 0.01315
scoring_system epss
scoring_elements 0.79848
published_at 2026-04-12T12:55:00Z
4
value 0.01315
scoring_system epss
scoring_elements 0.79865
published_at 2026-04-11T12:55:00Z
5
value 0.01315
scoring_system epss
scoring_elements 0.79843
published_at 2026-04-09T12:55:00Z
6
value 0.01315
scoring_system epss
scoring_elements 0.79835
published_at 2026-04-08T12:55:00Z
7
value 0.01315
scoring_system epss
scoring_elements 0.79806
published_at 2026-04-07T12:55:00Z
8
value 0.01315
scoring_system epss
scoring_elements 0.79819
published_at 2026-04-04T12:55:00Z
9
value 0.01315
scoring_system epss
scoring_elements 0.79798
published_at 2026-04-02T12:55:00Z
10
value 0.01315
scoring_system epss
scoring_elements 0.7979
published_at 2026-04-01T12:55:00Z
11
value 0.01315
scoring_system epss
scoring_elements 0.79872
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-11324
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11324
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11324
7
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
8
reference_url https://github.com/advisories/GHSA-mh33-7rrq-662w
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-mh33-7rrq-662w
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2019-133.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2019-133.yaml
10
reference_url https://github.com/urllib3/urllib3
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3
11
reference_url https://github.com/urllib3/urllib3/commit/1efadf43dc63317cd9eaa3e0fdb9e05ab07254b1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3/commit/1efadf43dc63317cd9eaa3e0fdb9e05ab07254b1
12
reference_url https://github.com/urllib3/urllib3/compare/a6ec68a...1efadf4
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3/compare/a6ec68a...1efadf4
13
reference_url https://lists.debian.org/debian-lts-announce/2021/06/msg00015.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/06/msg00015.html
14
reference_url https://lists.debian.org/debian-lts-announce/2023/10/msg00012.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/10/msg00012.html
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NKGPJLVLVYCL4L4B4G5TIOTVK4BKPG72
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NKGPJLVLVYCL4L4B4G5TIOTVK4BKPG72
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NKGPJLVLVYCL4L4B4G5TIOTVK4BKPG72/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NKGPJLVLVYCL4L4B4G5TIOTVK4BKPG72/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2/
19
reference_url https://pypi.org/project/urllib3/1.24.2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://pypi.org/project/urllib3/1.24.2
20
reference_url https://usn.ubuntu.com/3990-1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3990-1
21
reference_url https://usn.ubuntu.com/3990-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3990-1/
22
reference_url http://www.openwall.com/lists/oss-security/2019/04/19/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2019/04/19/1
23
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1702473
reference_id 1702473
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1702473
24
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927412
reference_id 927412
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927412
25
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-11324
reference_id CVE-2019-11324
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-11324
26
reference_url https://access.redhat.com/errata/RHSA-2020:0850
reference_id RHSA-2020:0850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0850
27
reference_url https://access.redhat.com/errata/RHSA-2020:1605
reference_id RHSA-2020:1605
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1605
28
reference_url https://access.redhat.com/errata/RHSA-2020:1916
reference_id RHSA-2020:1916
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1916
29
reference_url https://access.redhat.com/errata/RHSA-2020:2068
reference_id RHSA-2020:2068
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2068
fixed_packages
aliases CVE-2019-11324, GHSA-mh33-7rrq-662w, PYSEC-2019-133
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6kxp-qa5x-q3bq
1
url VCID-b3e6-k53t-bkgk
vulnerability_id VCID-b3e6-k53t-bkgk
summary In the urllib3 library through 1.24.1 for Python, CRLF injection is possible if the attacker controls the request parameter.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html
2
reference_url https://access.redhat.com/errata/RHSA-2019:2272
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:2272
3
reference_url https://access.redhat.com/errata/RHSA-2019:3335
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3335
4
reference_url https://access.redhat.com/errata/RHSA-2019:3590
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:3590
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11236.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11236.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-11236
reference_id
reference_type
scores
0
value 0.00575
scoring_system epss
scoring_elements 0.68778
published_at 2026-04-21T12:55:00Z
1
value 0.00624
scoring_system epss
scoring_elements 0.70106
published_at 2026-04-02T12:55:00Z
2
value 0.00624
scoring_system epss
scoring_elements 0.70121
published_at 2026-04-04T12:55:00Z
3
value 0.00624
scoring_system epss
scoring_elements 0.70098
published_at 2026-04-07T12:55:00Z
4
value 0.00624
scoring_system epss
scoring_elements 0.70145
published_at 2026-04-08T12:55:00Z
5
value 0.00624
scoring_system epss
scoring_elements 0.70161
published_at 2026-04-09T12:55:00Z
6
value 0.00624
scoring_system epss
scoring_elements 0.70185
published_at 2026-04-11T12:55:00Z
7
value 0.00624
scoring_system epss
scoring_elements 0.7017
published_at 2026-04-12T12:55:00Z
8
value 0.00624
scoring_system epss
scoring_elements 0.70158
published_at 2026-04-13T12:55:00Z
9
value 0.00624
scoring_system epss
scoring_elements 0.702
published_at 2026-04-16T12:55:00Z
10
value 0.00624
scoring_system epss
scoring_elements 0.7021
published_at 2026-04-18T12:55:00Z
11
value 0.00624
scoring_system epss
scoring_elements 0.70094
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-11236
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11236
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11236
8
reference_url https://github.com/advisories/GHSA-r64q-w8jr-g9qp
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-r64q-w8jr-g9qp
9
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2019-132.yaml
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/urllib3/PYSEC-2019-132.yaml
10
reference_url https://github.com/urllib3/urllib3
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3
11
reference_url https://github.com/urllib3/urllib3/issues/1553
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/urllib3/urllib3/issues/1553
12
reference_url https://lists.debian.org/debian-lts-announce/2019/06/msg00016.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2019/06/msg00016.html
13
reference_url https://lists.debian.org/debian-lts-announce/2021/06/msg00015.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/06/msg00015.html
14
reference_url https://lists.debian.org/debian-lts-announce/2023/10/msg00012.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2023/10/msg00012.html
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NKGPJLVLVYCL4L4B4G5TIOTVK4BKPG72/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NKGPJLVLVYCL4L4B4G5TIOTVK4BKPG72/
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R62XGEYPUTXMRHGX5I37EBCGQ5COHGKR/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R62XGEYPUTXMRHGX5I37EBCGQ5COHGKR/
17
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TBI45HO533KYHNB5YRO43TBYKA3E3VRL/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TBI45HO533KYHNB5YRO43TBYKA3E3VRL/
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2/
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NKGPJLVLVYCL4L4B4G5TIOTVK4BKPG72
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NKGPJLVLVYCL4L4B4G5TIOTVK4BKPG72
20
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NKGPJLVLVYCL4L4B4G5TIOTVK4BKPG72/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NKGPJLVLVYCL4L4B4G5TIOTVK4BKPG72/
21
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R62XGEYPUTXMRHGX5I37EBCGQ5COHGKR
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R62XGEYPUTXMRHGX5I37EBCGQ5COHGKR
22
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R62XGEYPUTXMRHGX5I37EBCGQ5COHGKR/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R62XGEYPUTXMRHGX5I37EBCGQ5COHGKR/
23
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TBI45HO533KYHNB5YRO43TBYKA3E3VRL
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TBI45HO533KYHNB5YRO43TBYKA3E3VRL
24
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TBI45HO533KYHNB5YRO43TBYKA3E3VRL/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TBI45HO533KYHNB5YRO43TBYKA3E3VRL/
25
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2
26
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOSA2NT4DUQDBEIWE6O7KKD24XND7TE2/
27
reference_url https://usn.ubuntu.com/3990-1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3990-1
28
reference_url https://usn.ubuntu.com/3990-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3990-1/
29
reference_url https://usn.ubuntu.com/3990-2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3990-2
30
reference_url https://usn.ubuntu.com/3990-2/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3990-2/
31
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1700824
reference_id 1700824
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1700824
32
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927172
reference_id 927172
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927172
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:urllib3:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:python:urllib3:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:urllib3:*:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-11236
reference_id CVE-2019-11236
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
3
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
4
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-11236
35
reference_url https://access.redhat.com/errata/RHSA-2020:0850
reference_id RHSA-2020:0850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0850
36
reference_url https://access.redhat.com/errata/RHSA-2020:0851
reference_id RHSA-2020:0851
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:0851
37
reference_url https://access.redhat.com/errata/RHSA-2020:1605
reference_id RHSA-2020:1605
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1605
38
reference_url https://access.redhat.com/errata/RHSA-2020:1916
reference_id RHSA-2020:1916
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1916
39
reference_url https://access.redhat.com/errata/RHSA-2020:2068
reference_id RHSA-2020:2068
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2068
40
reference_url https://access.redhat.com/errata/RHSA-2020:2081
reference_id RHSA-2020:2081
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2081
fixed_packages
aliases CVE-2019-11236, GHSA-r64q-w8jr-g9qp, PYSEC-2019-132
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b3e6-k53t-bkgk
2
url VCID-f1w8-m5ur-sbfk
vulnerability_id VCID-f1w8-m5ur-sbfk
summary 
Secrets are not masked by Jenkins Credentials Binding Plugin in builds without build steps
Jenkins Credentials Binding Plugin 1.22 and earlier does not mask (i.e., replace with asterisks) secrets in the build log when the build contains no build steps.

Jenkins Credentials Binding Plugin 1.23 now masks secrets when the build contains no build steps.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-2181.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-2181.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2181
reference_id
reference_type
scores
0
value 0.001
scoring_system epss
scoring_elements 0.2756
published_at 2026-04-21T12:55:00Z
1
value 0.001
scoring_system epss
scoring_elements 0.27735
published_at 2026-04-01T12:55:00Z
2
value 0.001
scoring_system epss
scoring_elements 0.27773
published_at 2026-04-02T12:55:00Z
3
value 0.001
scoring_system epss
scoring_elements 0.27811
published_at 2026-04-04T12:55:00Z
4
value 0.001
scoring_system epss
scoring_elements 0.27603
published_at 2026-04-07T12:55:00Z
5
value 0.001
scoring_system epss
scoring_elements 0.2767
published_at 2026-04-08T12:55:00Z
6
value 0.001
scoring_system epss
scoring_elements 0.27713
published_at 2026-04-09T12:55:00Z
7
value 0.001
scoring_system epss
scoring_elements 0.27717
published_at 2026-04-11T12:55:00Z
8
value 0.001
scoring_system epss
scoring_elements 0.27674
published_at 2026-04-12T12:55:00Z
9
value 0.001
scoring_system epss
scoring_elements 0.27615
published_at 2026-04-13T12:55:00Z
10
value 0.001
scoring_system epss
scoring_elements 0.27625
published_at 2026-04-16T12:55:00Z
11
value 0.001
scoring_system epss
scoring_elements 0.27599
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2181
2
reference_url https://github.com/jenkinsci/credentials-binding-plugin
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/credentials-binding-plugin
3
reference_url https://github.com/jenkinsci/credentials-binding-plugin/commit/59ead11bcb3fd132258d1d7da4a34d47750f40d2
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/credentials-binding-plugin/commit/59ead11bcb3fd132258d1d7da4a34d47750f40d2
4
reference_url https://jenkins.io/security/advisory/2020-05-06/#SECURITY-1374
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jenkins.io/security/advisory/2020-05-06/#SECURITY-1374
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-2181
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-2181
6
reference_url http://www.openwall.com/lists/oss-security/2020/05/06/3
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2020/05/06/3
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1847341
reference_id 1847341
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1847341
8
reference_url https://github.com/advisories/GHSA-43j2-r4v3-m8jp
reference_id GHSA-43j2-r4v3-m8jp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-43j2-r4v3-m8jp
9
reference_url https://access.redhat.com/errata/RHSA-2020:3453
reference_id RHSA-2020:3453
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3453
10
reference_url https://access.redhat.com/errata/RHSA-2020:3625
reference_id RHSA-2020:3625
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3625
11
reference_url https://access.redhat.com/errata/RHSA-2020:4265
reference_id RHSA-2020:4265
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4265
fixed_packages
aliases CVE-2020-2181, GHSA-43j2-r4v3-m8jp
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f1w8-m5ur-sbfk
3
url VCID-u1n4-5c5f-5bfx
vulnerability_id VCID-u1n4-5c5f-5bfx
summary 
Improper masking of some secrets in Jenkins Credentials Binding Plugin
Credentials Binding Plugin allows specifying passwords and other secrets as environment variables, and will hide them from console output in builds. As a side effect of the fix for [SECURITY-698](https://www.jenkins.io/security/advisory/2018-02-05/#credentials-binding), `$` characters in secrets are escaped to `$$`. This will then be expanded to $ again once the secret is passed to (post) build steps.

Credentials Binding Plugin 1.22 and earlier does not mask the escaped form of the secret (containing `$$`). This occurs for example in the \"Execute Maven top-level targets\" build step included in Jenkins.\n\nCredentials Binding Plugin 1.23 now masks secrets both in their original form and with escaped `$` characters, so they will be masked even if printed before value expansion.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-2182.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-2182.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2182
reference_id
reference_type
scores
0
value 0.00045
scoring_system epss
scoring_elements 0.13756
published_at 2026-04-21T12:55:00Z
1
value 0.00045
scoring_system epss
scoring_elements 0.13832
published_at 2026-04-01T12:55:00Z
2
value 0.00045
scoring_system epss
scoring_elements 0.13915
published_at 2026-04-02T12:55:00Z
3
value 0.00045
scoring_system epss
scoring_elements 0.13972
published_at 2026-04-04T12:55:00Z
4
value 0.00045
scoring_system epss
scoring_elements 0.13775
published_at 2026-04-07T12:55:00Z
5
value 0.00045
scoring_system epss
scoring_elements 0.13858
published_at 2026-04-08T12:55:00Z
6
value 0.00045
scoring_system epss
scoring_elements 0.1391
published_at 2026-04-09T12:55:00Z
7
value 0.00045
scoring_system epss
scoring_elements 0.13867
published_at 2026-04-11T12:55:00Z
8
value 0.00045
scoring_system epss
scoring_elements 0.1383
published_at 2026-04-12T12:55:00Z
9
value 0.00045
scoring_system epss
scoring_elements 0.13781
published_at 2026-04-13T12:55:00Z
10
value 0.00045
scoring_system epss
scoring_elements 0.1369
published_at 2026-04-16T12:55:00Z
11
value 0.00045
scoring_system epss
scoring_elements 0.13685
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2182
2
reference_url https://github.com/jenkinsci/credentials-binding-plugin
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/credentials-binding-plugin
3
reference_url https://github.com/jenkinsci/credentials-binding-plugin/commit/77681e0d184b0ccafa2a27da3b3bdbba95b4fe8f
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/credentials-binding-plugin/commit/77681e0d184b0ccafa2a27da3b3bdbba95b4fe8f
4
reference_url https://jenkins.io/security/advisory/2020-05-06/#SECURITY-1835
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://jenkins.io/security/advisory/2020-05-06/#SECURITY-1835
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-2182
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-2182
6
reference_url http://www.openwall.com/lists/oss-security/2020/05/06/3
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2020/05/06/3
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1847348
reference_id 1847348
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1847348
8
reference_url https://github.com/advisories/GHSA-7ff8-qfwx-8gx5
reference_id GHSA-7ff8-qfwx-8gx5
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7ff8-qfwx-8gx5
9
reference_url https://access.redhat.com/errata/RHSA-2020:3453
reference_id RHSA-2020:3453
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3453
10
reference_url https://access.redhat.com/errata/RHSA-2020:3625
reference_id RHSA-2020:3625
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3625
11
reference_url https://access.redhat.com/errata/RHSA-2020:4265
reference_id RHSA-2020:4265
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4265
fixed_packages
aliases CVE-2020-2182, GHSA-7ff8-qfwx-8gx5
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u1n4-5c5f-5bfx
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-urllib3@1.24.3-1%3Farch=el7