Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/ruby-shadow@1.4.1-13?arch=el6_4
Typerpm
Namespaceredhat
Nameruby-shadow
Version1.4.1-13
Qualifiers
arch el6_4
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-1mw1-384y-huc7
vulnerability_id VCID-1mw1-384y-huc7
summary 
Uncontrolled Resource Consumption
Algorithmic complexity vulnerability in the `ssl.match_hostname` function and unspecified versions of python-backports-ssl_match_hostname as used for older Python versions, allows remote attackers to cause a denial of service (CPU consumption) via multiple wildcard characters in the common name in a certificate.
references
0
reference_url http://bugs.python.org/issue17980
reference_id
reference_type
scores
url http://bugs.python.org/issue17980
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2099.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2099.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-2099
reference_id
reference_type
scores
0
value 0.05238
scoring_system epss
scoring_elements 0.89926
published_at 2026-04-01T12:55:00Z
1
value 0.05238
scoring_system epss
scoring_elements 0.89929
published_at 2026-04-02T12:55:00Z
2
value 0.05238
scoring_system epss
scoring_elements 0.89942
published_at 2026-04-04T12:55:00Z
3
value 0.05238
scoring_system epss
scoring_elements 0.89948
published_at 2026-04-07T12:55:00Z
4
value 0.05238
scoring_system epss
scoring_elements 0.89964
published_at 2026-04-08T12:55:00Z
5
value 0.05238
scoring_system epss
scoring_elements 0.8997
published_at 2026-04-09T12:55:00Z
6
value 0.05238
scoring_system epss
scoring_elements 0.89978
published_at 2026-04-11T12:55:00Z
7
value 0.05238
scoring_system epss
scoring_elements 0.89976
published_at 2026-04-12T12:55:00Z
8
value 0.05238
scoring_system epss
scoring_elements 0.89969
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-2099
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2099
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2099
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2099
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2099
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709066
reference_id 709066
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709066
6
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709067
reference_id 709067
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709067
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709068
reference_id 709068
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709068
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709069
reference_id 709069
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709069
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709070
reference_id 709070
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709070
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=963260
reference_id 963260
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=963260
11
reference_url https://security.gentoo.org/glsa/201401-04
reference_id GLSA-201401-04
reference_type
scores
url https://security.gentoo.org/glsa/201401-04
12
reference_url https://access.redhat.com/errata/RHSA-2014:1263
reference_id RHSA-2014:1263
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1263
13
reference_url https://access.redhat.com/errata/RHSA-2014:1690
reference_id RHSA-2014:1690
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1690
14
reference_url https://access.redhat.com/errata/RHSA-2015:0042
reference_id RHSA-2015:0042
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0042
15
reference_url https://access.redhat.com/errata/RHSA-2016:1166
reference_id RHSA-2016:1166
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1166
16
reference_url https://usn.ubuntu.com/1983-1/
reference_id USN-1983-1
reference_type
scores
url https://usn.ubuntu.com/1983-1/
17
reference_url https://usn.ubuntu.com/1984-1/
reference_id USN-1984-1
reference_type
scores
url https://usn.ubuntu.com/1984-1/
18
reference_url https://usn.ubuntu.com/1985-1/
reference_id USN-1985-1
reference_type
scores
url https://usn.ubuntu.com/1985-1/
fixed_packages
aliases CVE-2013-2099
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1mw1-384y-huc7
1
url VCID-1yu9-avtx-cybv
vulnerability_id VCID-1yu9-avtx-cybv
summary foreman: API not scoping resources to taxonomies
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1844.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1844.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-1844
reference_id
reference_type
scores
0
value 0.00261
scoring_system epss
scoring_elements 0.49444
published_at 2026-04-01T12:55:00Z
1
value 0.00261
scoring_system epss
scoring_elements 0.49473
published_at 2026-04-02T12:55:00Z
2
value 0.00261
scoring_system epss
scoring_elements 0.49499
published_at 2026-04-04T12:55:00Z
3
value 0.00261
scoring_system epss
scoring_elements 0.49452
published_at 2026-04-07T12:55:00Z
4
value 0.00261
scoring_system epss
scoring_elements 0.49507
published_at 2026-04-08T12:55:00Z
5
value 0.00261
scoring_system epss
scoring_elements 0.49503
published_at 2026-04-09T12:55:00Z
6
value 0.00261
scoring_system epss
scoring_elements 0.4952
published_at 2026-04-11T12:55:00Z
7
value 0.00261
scoring_system epss
scoring_elements 0.49491
published_at 2026-04-12T12:55:00Z
8
value 0.00261
scoring_system epss
scoring_elements 0.49494
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-1844
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1207589
reference_id 1207589
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1207589
fixed_packages
aliases CVE-2015-1844
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1yu9-avtx-cybv
2
url VCID-3kma-3ffw-8qd9
vulnerability_id VCID-3kma-3ffw-8qd9
summary 
Improper Input Validation
Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterprise before 2.8.2, deserializes untrusted YAML, which allows remote attackers to instantiate arbitrary Ruby classes and execute arbitrary code via a crafted REST API call.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00002.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00002.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00019.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00019.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2013-1283.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1283.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2013-1284.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1284.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3567.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3567.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-3567
reference_id
reference_type
scores
0
value 0.06459
scoring_system epss
scoring_elements 0.91028
published_at 2026-04-02T12:55:00Z
1
value 0.06459
scoring_system epss
scoring_elements 0.91073
published_at 2026-04-13T12:55:00Z
2
value 0.06459
scoring_system epss
scoring_elements 0.91064
published_at 2026-04-09T12:55:00Z
3
value 0.06459
scoring_system epss
scoring_elements 0.91058
published_at 2026-04-08T12:55:00Z
4
value 0.06459
scoring_system epss
scoring_elements 0.91046
published_at 2026-04-07T12:55:00Z
5
value 0.06459
scoring_system epss
scoring_elements 0.91023
published_at 2026-04-01T12:55:00Z
6
value 0.06459
scoring_system epss
scoring_elements 0.91037
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-3567
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3567
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3567
7
reference_url http://secunia.com/advisories/54429
reference_id
reference_type
scores
url http://secunia.com/advisories/54429
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:C/I:C/A:C
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://github.com/puppetlabs/puppet
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet
10
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2013-3567.yml
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2013-3567.yml
11
reference_url https://puppetlabs.com/security/cve/cve-2013-3567
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://puppetlabs.com/security/cve/cve-2013-3567
12
reference_url https://www.puppet.com/security/cve/cve-2013-3567-unauthenticated-remote-code-execution-vulnerability
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.puppet.com/security/cve/cve-2013-3567-unauthenticated-remote-code-execution-vulnerability
13
reference_url http://www.debian.org/security/2013/dsa-2715
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2013/dsa-2715
14
reference_url http://www.ubuntu.com/usn/USN-1886-1
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1886-1
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=712745
reference_id 712745
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=712745
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=974649
reference_id 974649
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=974649
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-3567
reference_id CVE-2013-3567
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-3567
18
reference_url https://puppetlabs.com/security/cve/cve-2013-3567/
reference_id CVE-2013-3567
reference_type
scores
url https://puppetlabs.com/security/cve/cve-2013-3567/
19
reference_url https://github.com/advisories/GHSA-f7p5-w2cr-7cp7
reference_id GHSA-f7p5-w2cr-7cp7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f7p5-w2cr-7cp7
20
reference_url https://security.gentoo.org/glsa/201308-04
reference_id GLSA-201308-04
reference_type
scores
url https://security.gentoo.org/glsa/201308-04
21
reference_url https://access.redhat.com/errata/RHSA-2013:1283
reference_id RHSA-2013:1283
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1283
22
reference_url https://access.redhat.com/errata/RHSA-2013:1284
reference_id RHSA-2013:1284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1284
23
reference_url https://usn.ubuntu.com/1886-1/
reference_id USN-1886-1
reference_type
scores
url https://usn.ubuntu.com/1886-1/
fixed_packages
aliases CVE-2013-3567, GHSA-f7p5-w2cr-7cp7
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3kma-3ffw-8qd9
3
url VCID-5g6u-uvej-xbad
vulnerability_id VCID-5g6u-uvej-xbad
summary 
Moderate severity vulnerability that affects puppet
Unspecified vulnerability in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, allows remote attackers to execute arbitrary Ruby programs from the master via the resource_type service.  NOTE: this vulnerability can only be exploited utilizing unspecified "local file system access" to the Puppet Master.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2014-01/msg00009.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2014-01/msg00009.html
1
reference_url http://puppetlabs.com/security/cve/cve-2013-4761
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://puppetlabs.com/security/cve/cve-2013-4761
2
reference_url http://rhn.redhat.com/errata/RHSA-2013-1283.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1283.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2013-1284.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1284.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4761.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4761.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4761
reference_id
reference_type
scores
0
value 0.0062
scoring_system epss
scoring_elements 0.7004
published_at 2026-04-09T12:55:00Z
1
value 0.0062
scoring_system epss
scoring_elements 0.70024
published_at 2026-04-08T12:55:00Z
2
value 0.0062
scoring_system epss
scoring_elements 0.69972
published_at 2026-04-01T12:55:00Z
3
value 0.0062
scoring_system epss
scoring_elements 0.69984
published_at 2026-04-02T12:55:00Z
4
value 0.0062
scoring_system epss
scoring_elements 0.69975
published_at 2026-04-07T12:55:00Z
5
value 0.0062
scoring_system epss
scoring_elements 0.69999
published_at 2026-04-04T12:55:00Z
6
value 0.0062
scoring_system epss
scoring_elements 0.70035
published_at 2026-04-13T12:55:00Z
7
value 0.0062
scoring_system epss
scoring_elements 0.70048
published_at 2026-04-12T12:55:00Z
8
value 0.0062
scoring_system epss
scoring_elements 0.70063
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4761
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4761
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4761
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4956
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4956
8
reference_url https://github.com/puppetlabs/puppet
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet
9
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2013-4761.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2013-4761.yml
10
reference_url https://www.puppet.com/security/cve/cve-2013-4761-resourcetype-remote-code-execution-vulnerability
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.puppet.com/security/cve/cve-2013-4761-resourcetype-remote-code-execution-vulnerability
11
reference_url http://www.debian.org/security/2013/dsa-2761
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2013/dsa-2761
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=996856
reference_id 996856
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=996856
13
reference_url http://puppetlabs.com/security/cve/cve-2013-4761/
reference_id CVE-2013-4761
reference_type
scores
url http://puppetlabs.com/security/cve/cve-2013-4761/
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4761
reference_id CVE-2013-4761
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4761
15
reference_url https://github.com/advisories/GHSA-cj43-9h3w-v976
reference_id GHSA-cj43-9h3w-v976
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cj43-9h3w-v976
16
reference_url https://security.gentoo.org/glsa/201308-04
reference_id GLSA-201308-04
reference_type
scores
url https://security.gentoo.org/glsa/201308-04
17
reference_url https://access.redhat.com/errata/RHSA-2013:1283
reference_id RHSA-2013:1283
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1283
18
reference_url https://access.redhat.com/errata/RHSA-2013:1284
reference_id RHSA-2013:1284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1284
19
reference_url https://usn.ubuntu.com/1928-1/
reference_id USN-1928-1
reference_type
scores
url https://usn.ubuntu.com/1928-1/
fixed_packages
aliases CVE-2013-4761, GHSA-cj43-9h3w-v976
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5g6u-uvej-xbad
4
url VCID-73uh-2gkm-6kgy
vulnerability_id VCID-73uh-2gkm-6kgy
summary 
Multiple vulnerabilities have been found in Puppet, the worst of
    which could lead to execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4956.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4956.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4956
reference_id
reference_type
scores
0
value 0.00108
scoring_system epss
scoring_elements 0.29083
published_at 2026-04-01T12:55:00Z
1
value 0.00108
scoring_system epss
scoring_elements 0.29157
published_at 2026-04-02T12:55:00Z
2
value 0.00108
scoring_system epss
scoring_elements 0.29207
published_at 2026-04-04T12:55:00Z
3
value 0.00108
scoring_system epss
scoring_elements 0.29018
published_at 2026-04-07T12:55:00Z
4
value 0.00108
scoring_system epss
scoring_elements 0.29082
published_at 2026-04-08T12:55:00Z
5
value 0.00108
scoring_system epss
scoring_elements 0.29124
published_at 2026-04-09T12:55:00Z
6
value 0.00108
scoring_system epss
scoring_elements 0.2913
published_at 2026-04-11T12:55:00Z
7
value 0.00108
scoring_system epss
scoring_elements 0.29085
published_at 2026-04-12T12:55:00Z
8
value 0.00108
scoring_system epss
scoring_elements 0.29034
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4956
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4761
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4761
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4956
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4956
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=996855
reference_id 996855
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=996855
5
reference_url https://security.gentoo.org/glsa/201308-04
reference_id GLSA-201308-04
reference_type
scores
url https://security.gentoo.org/glsa/201308-04
6
reference_url https://access.redhat.com/errata/RHSA-2013:1283
reference_id RHSA-2013:1283
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1283
7
reference_url https://access.redhat.com/errata/RHSA-2013:1284
reference_id RHSA-2013:1284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1284
8
reference_url https://usn.ubuntu.com/1928-1/
reference_id USN-1928-1
reference_type
scores
url https://usn.ubuntu.com/1928-1/
fixed_packages
aliases CVE-2013-4956
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-73uh-2gkm-6kgy
5
url VCID-77c9-jb1m-6qe2
vulnerability_id VCID-77c9-jb1m-6qe2
summary qpid-cpp: 3 qpidd DoS issues in AMQP 0-10 protocol handling
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0203.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0203.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-0203
reference_id
reference_type
scores
0
value 0.16987
scoring_system epss
scoring_elements 0.94946
published_at 2026-04-01T12:55:00Z
1
value 0.16987
scoring_system epss
scoring_elements 0.94955
published_at 2026-04-02T12:55:00Z
2
value 0.16987
scoring_system epss
scoring_elements 0.94957
published_at 2026-04-04T12:55:00Z
3
value 0.16987
scoring_system epss
scoring_elements 0.94959
published_at 2026-04-07T12:55:00Z
4
value 0.16987
scoring_system epss
scoring_elements 0.94968
published_at 2026-04-08T12:55:00Z
5
value 0.16987
scoring_system epss
scoring_elements 0.94972
published_at 2026-04-09T12:55:00Z
6
value 0.16987
scoring_system epss
scoring_elements 0.94976
published_at 2026-04-11T12:55:00Z
7
value 0.16987
scoring_system epss
scoring_elements 0.94978
published_at 2026-04-12T12:55:00Z
8
value 0.16987
scoring_system epss
scoring_elements 0.94981
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-0203
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1181721
reference_id 1181721
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1181721
3
reference_url https://access.redhat.com/errata/RHSA-2015:0660
reference_id RHSA-2015:0660
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0660
4
reference_url https://access.redhat.com/errata/RHSA-2015:0661
reference_id RHSA-2015:0661
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0661
5
reference_url https://access.redhat.com/errata/RHSA-2015:0662
reference_id RHSA-2015:0662
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0662
6
reference_url https://access.redhat.com/errata/RHSA-2015:0707
reference_id RHSA-2015:0707
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0707
7
reference_url https://access.redhat.com/errata/RHSA-2015:0708
reference_id RHSA-2015:0708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0708
fixed_packages
aliases CVE-2015-0203
risk_score 0.1
exploitability 0.5
weighted_severity 0.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-77c9-jb1m-6qe2
6
url VCID-7f1h-1fw8-k7c4
vulnerability_id VCID-7f1h-1fw8-k7c4
summary foreman: the _session_id cookie is issued without the Secure flag
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3155.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3155.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-3155
reference_id
reference_type
scores
0
value 0.0056
scoring_system epss
scoring_elements 0.68193
published_at 2026-04-01T12:55:00Z
1
value 0.0056
scoring_system epss
scoring_elements 0.68214
published_at 2026-04-02T12:55:00Z
2
value 0.0056
scoring_system epss
scoring_elements 0.68233
published_at 2026-04-04T12:55:00Z
3
value 0.0056
scoring_system epss
scoring_elements 0.68209
published_at 2026-04-07T12:55:00Z
4
value 0.0056
scoring_system epss
scoring_elements 0.68259
published_at 2026-04-08T12:55:00Z
5
value 0.0056
scoring_system epss
scoring_elements 0.68275
published_at 2026-04-09T12:55:00Z
6
value 0.0056
scoring_system epss
scoring_elements 0.683
published_at 2026-04-11T12:55:00Z
7
value 0.0056
scoring_system epss
scoring_elements 0.68288
published_at 2026-04-12T12:55:00Z
8
value 0.0056
scoring_system epss
scoring_elements 0.68254
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-3155
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1216035
reference_id 1216035
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1216035
fixed_packages
aliases CVE-2015-3155
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7f1h-1fw8-k7c4
7
url VCID-8wen-twwa-8khm
vulnerability_id VCID-8wen-twwa-8khm
summary foreman: cross-site scripting (XSS) flaw in template preview screen
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3653.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3653.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3653
reference_id
reference_type
scores
0
value 0.00389
scoring_system epss
scoring_elements 0.59891
published_at 2026-04-01T12:55:00Z
1
value 0.00389
scoring_system epss
scoring_elements 0.59968
published_at 2026-04-02T12:55:00Z
2
value 0.00389
scoring_system epss
scoring_elements 0.59993
published_at 2026-04-04T12:55:00Z
3
value 0.00389
scoring_system epss
scoring_elements 0.59963
published_at 2026-04-07T12:55:00Z
4
value 0.00389
scoring_system epss
scoring_elements 0.60013
published_at 2026-04-08T12:55:00Z
5
value 0.00389
scoring_system epss
scoring_elements 0.60026
published_at 2026-04-09T12:55:00Z
6
value 0.00389
scoring_system epss
scoring_elements 0.60047
published_at 2026-04-11T12:55:00Z
7
value 0.00389
scoring_system epss
scoring_elements 0.60032
published_at 2026-04-12T12:55:00Z
8
value 0.00389
scoring_system epss
scoring_elements 0.60014
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3653
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1145398
reference_id 1145398
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1145398
fixed_packages
aliases CVE-2014-3653
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8wen-twwa-8khm
8
url VCID-9gb8-xvrc-aqgb
vulnerability_id VCID-9gb8-xvrc-aqgb
summary qpid-cpp: anonymous access to qpidd cannot be prevented
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0223.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0223.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-0223
reference_id
reference_type
scores
0
value 0.02275
scoring_system epss
scoring_elements 0.84587
published_at 2026-04-01T12:55:00Z
1
value 0.02275
scoring_system epss
scoring_elements 0.84601
published_at 2026-04-02T12:55:00Z
2
value 0.02275
scoring_system epss
scoring_elements 0.84621
published_at 2026-04-04T12:55:00Z
3
value 0.02275
scoring_system epss
scoring_elements 0.84623
published_at 2026-04-07T12:55:00Z
4
value 0.02275
scoring_system epss
scoring_elements 0.84645
published_at 2026-04-08T12:55:00Z
5
value 0.02275
scoring_system epss
scoring_elements 0.84651
published_at 2026-04-09T12:55:00Z
6
value 0.02275
scoring_system epss
scoring_elements 0.84669
published_at 2026-04-11T12:55:00Z
7
value 0.02275
scoring_system epss
scoring_elements 0.84664
published_at 2026-04-12T12:55:00Z
8
value 0.02275
scoring_system epss
scoring_elements 0.84659
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-0223
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1186308
reference_id 1186308
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1186308
3
reference_url https://access.redhat.com/errata/RHSA-2015:0660
reference_id RHSA-2015:0660
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0660
4
reference_url https://access.redhat.com/errata/RHSA-2015:0661
reference_id RHSA-2015:0661
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0661
5
reference_url https://access.redhat.com/errata/RHSA-2015:0662
reference_id RHSA-2015:0662
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0662
6
reference_url https://access.redhat.com/errata/RHSA-2015:0707
reference_id RHSA-2015:0707
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0707
7
reference_url https://access.redhat.com/errata/RHSA-2015:0708
reference_id RHSA-2015:0708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0708
fixed_packages
aliases CVE-2015-0223
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9gb8-xvrc-aqgb
9
url VCID-fq2t-c2nv-23ce
vulnerability_id VCID-fq2t-c2nv-23ce
summary 
A vulnerability in MongoDB can lead to a Denial of Service
    condition.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1609.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1609.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-1609
reference_id
reference_type
scores
0
value 0.01693
scoring_system epss
scoring_elements 0.82181
published_at 2026-04-01T12:55:00Z
1
value 0.01693
scoring_system epss
scoring_elements 0.82195
published_at 2026-04-02T12:55:00Z
2
value 0.01693
scoring_system epss
scoring_elements 0.82215
published_at 2026-04-04T12:55:00Z
3
value 0.01693
scoring_system epss
scoring_elements 0.82211
published_at 2026-04-07T12:55:00Z
4
value 0.01693
scoring_system epss
scoring_elements 0.82238
published_at 2026-04-08T12:55:00Z
5
value 0.01693
scoring_system epss
scoring_elements 0.82245
published_at 2026-04-09T12:55:00Z
6
value 0.01693
scoring_system epss
scoring_elements 0.82264
published_at 2026-04-11T12:55:00Z
7
value 0.01693
scoring_system epss
scoring_elements 0.82257
published_at 2026-04-12T12:55:00Z
8
value 0.01693
scoring_system epss
scoring_elements 0.82252
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-1609
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1200446
reference_id 1200446
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1200446
3
reference_url https://security.gentoo.org/glsa/201611-13
reference_id GLSA-201611-13
reference_type
scores
url https://security.gentoo.org/glsa/201611-13
fixed_packages
aliases CVE-2015-1609
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fq2t-c2nv-23ce
10
url VCID-jfqz-9a6e-jff7
vulnerability_id VCID-jfqz-9a6e-jff7
summary foreman: Unprivileged user can access private bookmarks of other users
references
0
reference_url http://projects.theforeman.org/issues/13828
reference_id
reference_type
scores
url http://projects.theforeman.org/issues/13828
1
reference_url https://access.redhat.com/errata/RHBA-2016:1500
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHBA-2016:1500
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2100.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2100.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-2100
reference_id
reference_type
scores
0
value 0.00201
scoring_system epss
scoring_elements 0.42242
published_at 2026-04-13T12:55:00Z
1
value 0.00201
scoring_system epss
scoring_elements 0.4227
published_at 2026-04-12T12:55:00Z
2
value 0.00201
scoring_system epss
scoring_elements 0.42198
published_at 2026-04-01T12:55:00Z
3
value 0.00201
scoring_system epss
scoring_elements 0.42255
published_at 2026-04-02T12:55:00Z
4
value 0.00201
scoring_system epss
scoring_elements 0.42284
published_at 2026-04-09T12:55:00Z
5
value 0.00201
scoring_system epss
scoring_elements 0.42226
published_at 2026-04-07T12:55:00Z
6
value 0.00201
scoring_system epss
scoring_elements 0.42276
published_at 2026-04-08T12:55:00Z
7
value 0.00201
scoring_system epss
scoring_elements 0.42306
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-2100
4
reference_url http://theforeman.org/security.html#2016-2100
reference_id
reference_type
scores
url http://theforeman.org/security.html#2016-2100
5
reference_url http://www.openwall.com/lists/oss-security/2016/03/31/2
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2016/03/31/2
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1310675
reference_id 1310675
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1310675
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:theforeman:foreman:1.11.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:theforeman:foreman:1.11.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:theforeman:foreman:1.11.0:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:theforeman:foreman:1.11.0:rc1:*:*:*:*:*:*
reference_id cpe:2.3:a:theforeman:foreman:1.11.0:rc1:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:theforeman:foreman:1.11.0:rc1:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-2100
reference_id CVE-2016-2100
reference_type
scores
0
value 6.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:P
1
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2016-2100
fixed_packages
aliases CVE-2016-2100
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jfqz-9a6e-jff7
11
url VCID-rc65-py17-kuhm
vulnerability_id VCID-rc65-py17-kuhm
summary foreman: lack of SSL certificate validation when performing LDAPS authentication
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1816.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1816.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-1816
reference_id
reference_type
scores
0
value 0.00217
scoring_system epss
scoring_elements 0.44212
published_at 2026-04-01T12:55:00Z
1
value 0.00217
scoring_system epss
scoring_elements 0.44279
published_at 2026-04-02T12:55:00Z
2
value 0.00217
scoring_system epss
scoring_elements 0.44302
published_at 2026-04-04T12:55:00Z
3
value 0.00217
scoring_system epss
scoring_elements 0.44235
published_at 2026-04-07T12:55:00Z
4
value 0.00217
scoring_system epss
scoring_elements 0.44287
published_at 2026-04-08T12:55:00Z
5
value 0.00217
scoring_system epss
scoring_elements 0.44292
published_at 2026-04-09T12:55:00Z
6
value 0.00217
scoring_system epss
scoring_elements 0.44309
published_at 2026-04-11T12:55:00Z
7
value 0.00217
scoring_system epss
scoring_elements 0.44277
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-1816
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1208602
reference_id 1208602
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1208602
fixed_packages
aliases CVE-2015-1816
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rc65-py17-kuhm
12
url VCID-sqjb-qpyd-p7gn
vulnerability_id VCID-sqjb-qpyd-p7gn
summary foreman: edit_users permission allows changing of admin passwords
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3235.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3235.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-3235
reference_id
reference_type
scores
0
value 0.0057
scoring_system epss
scoring_elements 0.68522
published_at 2026-04-01T12:55:00Z
1
value 0.0057
scoring_system epss
scoring_elements 0.6854
published_at 2026-04-02T12:55:00Z
2
value 0.0057
scoring_system epss
scoring_elements 0.68558
published_at 2026-04-04T12:55:00Z
3
value 0.0057
scoring_system epss
scoring_elements 0.68537
published_at 2026-04-07T12:55:00Z
4
value 0.0057
scoring_system epss
scoring_elements 0.68588
published_at 2026-04-08T12:55:00Z
5
value 0.0057
scoring_system epss
scoring_elements 0.68605
published_at 2026-04-09T12:55:00Z
6
value 0.0057
scoring_system epss
scoring_elements 0.68631
published_at 2026-04-11T12:55:00Z
7
value 0.0057
scoring_system epss
scoring_elements 0.68618
published_at 2026-04-12T12:55:00Z
8
value 0.0057
scoring_system epss
scoring_elements 0.68589
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-3235
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1232366
reference_id 1232366
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1232366
fixed_packages
aliases CVE-2015-3235
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sqjb-qpyd-p7gn
13
url VCID-tbug-mv5x-uucb
vulnerability_id VCID-tbug-mv5x-uucb
summary The Server.verify_request function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL.
references
0
reference_url https://access.redhat.com/errata/RHSA-2015:1591
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:1591
1
reference_url https://access.redhat.com/errata/RHSA-2015:1592
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:1592
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4346.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4346.json
3
reference_url https://access.redhat.com/security/cve/CVE-2013-4346
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2013-4346
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4346
reference_id
reference_type
scores
0
value 0.00472
scoring_system epss
scoring_elements 0.64597
published_at 2026-04-02T12:55:00Z
1
value 0.00472
scoring_system epss
scoring_elements 0.64625
published_at 2026-04-13T12:55:00Z
2
value 0.00472
scoring_system epss
scoring_elements 0.64653
published_at 2026-04-12T12:55:00Z
3
value 0.00472
scoring_system epss
scoring_elements 0.64665
published_at 2026-04-11T12:55:00Z
4
value 0.00472
scoring_system epss
scoring_elements 0.64648
published_at 2026-04-09T12:55:00Z
5
value 0.00472
scoring_system epss
scoring_elements 0.64632
published_at 2026-04-08T12:55:00Z
6
value 0.00472
scoring_system epss
scoring_elements 0.64584
published_at 2026-04-07T12:55:00Z
7
value 0.00472
scoring_system epss
scoring_elements 0.64626
published_at 2026-04-04T12:55:00Z
8
value 0.00472
scoring_system epss
scoring_elements 0.64544
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4346
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1007746
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1007746
6
reference_url https://github.com/joestump/python-oauth2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/joestump/python-oauth2
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/oauth2/PYSEC-2014-85.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/oauth2/PYSEC-2014-85.yaml
8
reference_url https://github.com/simplegeo/python-oauth2/issues/129
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/simplegeo/python-oauth2/issues/129
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4346
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4346
10
reference_url https://web.archive.org/web/20200228063302/http://www.securityfocus.com/bid/62386
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228063302/http://www.securityfocus.com/bid/62386
11
reference_url http://www.openwall.com/lists/oss-security/2013/09/12/7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/09/12/7
12
reference_url http://www.securityfocus.com/bid/62386
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/62386
13
reference_url https://github.com/advisories/GHSA-4433-4cxq-vv73
reference_id GHSA-4433-4cxq-vv73
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4433-4cxq-vv73
fixed_packages
aliases CVE-2013-4346, GHSA-4433-4cxq-vv73, PYSEC-2014-85
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tbug-mv5x-uucb
14
url VCID-utxw-251d-gfff
vulnerability_id VCID-utxw-251d-gfff
summary rhn_satellite_6: cross-site request forgery (CSRF) can force logout
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3590.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3590.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3590
reference_id
reference_type
scores
0
value 0.00242
scoring_system epss
scoring_elements 0.47402
published_at 2026-04-01T12:55:00Z
1
value 0.00242
scoring_system epss
scoring_elements 0.47436
published_at 2026-04-02T12:55:00Z
2
value 0.00242
scoring_system epss
scoring_elements 0.47457
published_at 2026-04-04T12:55:00Z
3
value 0.00242
scoring_system epss
scoring_elements 0.47407
published_at 2026-04-07T12:55:00Z
4
value 0.00242
scoring_system epss
scoring_elements 0.47461
published_at 2026-04-08T12:55:00Z
5
value 0.00242
scoring_system epss
scoring_elements 0.47458
published_at 2026-04-09T12:55:00Z
6
value 0.00242
scoring_system epss
scoring_elements 0.47481
published_at 2026-04-11T12:55:00Z
7
value 0.00242
scoring_system epss
scoring_elements 0.47456
published_at 2026-04-12T12:55:00Z
8
value 0.00242
scoring_system epss
scoring_elements 0.47462
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3590
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1128108
reference_id 1128108
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1128108
fixed_packages
aliases CVE-2014-3590
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-utxw-251d-gfff
15
url VCID-vhxh-tpay-mbh3
vulnerability_id VCID-vhxh-tpay-mbh3
summary qpid-cpp: AMQP 0-10 protocol sequence-set maximal range DoS (incomplete CVE-2015-0203 fix)
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178606.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178606.html
1
reference_url http://mail-archives.apache.org/mod_mbox/www-announce/201501.mbox/%3C54C60497.5060504%40apache.org%3E
reference_id
reference_type
scores
url http://mail-archives.apache.org/mod_mbox/www-announce/201501.mbox/%3C54C60497.5060504%40apache.org%3E
2
reference_url http://packetstormsecurity.com/files/130105/Apache-Qpid-0.30-Crash.html
reference_id
reference_type
scores
url http://packetstormsecurity.com/files/130105/Apache-Qpid-0.30-Crash.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2015-0660.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2015-0660.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2015-0661.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2015-0661.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2015-0662.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2015-0662.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2015-0707.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2015-0707.html
7
reference_url https://access.redhat.com/errata/RHBA-2016:1500
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHBA-2016:1500
8
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0224.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0224.json
9
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-0224
reference_id
reference_type
scores
0
value 0.5601
scoring_system epss
scoring_elements 0.98102
published_at 2026-04-13T12:55:00Z
1
value 0.5601
scoring_system epss
scoring_elements 0.98101
published_at 2026-04-12T12:55:00Z
2
value 0.5601
scoring_system epss
scoring_elements 0.98083
published_at 2026-04-01T12:55:00Z
3
value 0.5601
scoring_system epss
scoring_elements 0.98087
published_at 2026-04-02T12:55:00Z
4
value 0.5601
scoring_system epss
scoring_elements 0.9809
published_at 2026-04-04T12:55:00Z
5
value 0.5601
scoring_system epss
scoring_elements 0.98091
published_at 2026-04-07T12:55:00Z
6
value 0.5601
scoring_system epss
scoring_elements 0.98095
published_at 2026-04-08T12:55:00Z
7
value 0.5601
scoring_system epss
scoring_elements 0.98096
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-0224
10
reference_url https://issues.apache.org/jira/browse/QPID-6310
reference_id
reference_type
scores
url https://issues.apache.org/jira/browse/QPID-6310
11
reference_url http://www.securityfocus.com/archive/1/534545/100/0/threaded
reference_id
reference_type
scores
url http://www.securityfocus.com/archive/1/534545/100/0/threaded
12
reference_url http://www.securityfocus.com/bid/72317
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/72317
13
reference_url http://www.securitytracker.com/id/1031872
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1031872
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1186302
reference_id 1186302
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1186302
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:qpid:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:qpid:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:qpid:*:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-0224
reference_id CVE-2015-0224
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2015-0224
17
reference_url https://access.redhat.com/errata/RHSA-2015:0660
reference_id RHSA-2015:0660
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0660
18
reference_url https://access.redhat.com/errata/RHSA-2015:0661
reference_id RHSA-2015:0661
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0661
19
reference_url https://access.redhat.com/errata/RHSA-2015:0662
reference_id RHSA-2015:0662
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0662
20
reference_url https://access.redhat.com/errata/RHSA-2015:0707
reference_id RHSA-2015:0707
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0707
21
reference_url https://access.redhat.com/errata/RHSA-2015:0708
reference_id RHSA-2015:0708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0708
fixed_packages
aliases CVE-2015-0224
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vhxh-tpay-mbh3
16
url VCID-zkgb-14kz-33dz
vulnerability_id VCID-zkgb-14kz-33dz
summary The (1) make_nonce, (2) generate_nonce, and (3) generate_verifier functions in SimpleGeo python-oauth2 uses weak random numbers to generate nonces, which makes it easier for remote attackers to guess the nonce via a brute force attack.
references
0
reference_url https://access.redhat.com/errata/RHSA-2015:1591
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:1591
1
reference_url https://access.redhat.com/errata/RHSA-2015:1592
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:1592
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4347.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4347.json
3
reference_url https://access.redhat.com/security/cve/CVE-2013-4347
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2013-4347
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4347
reference_id
reference_type
scores
0
value 0.00411
scoring_system epss
scoring_elements 0.61402
published_at 2026-04-13T12:55:00Z
1
value 0.00411
scoring_system epss
scoring_elements 0.61421
published_at 2026-04-12T12:55:00Z
2
value 0.00411
scoring_system epss
scoring_elements 0.61276
published_at 2026-04-01T12:55:00Z
3
value 0.00411
scoring_system epss
scoring_elements 0.61355
published_at 2026-04-02T12:55:00Z
4
value 0.00411
scoring_system epss
scoring_elements 0.61383
published_at 2026-04-04T12:55:00Z
5
value 0.00411
scoring_system epss
scoring_elements 0.61353
published_at 2026-04-07T12:55:00Z
6
value 0.00411
scoring_system epss
scoring_elements 0.614
published_at 2026-04-08T12:55:00Z
7
value 0.00411
scoring_system epss
scoring_elements 0.61415
published_at 2026-04-09T12:55:00Z
8
value 0.00411
scoring_system epss
scoring_elements 0.61436
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4347
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1007758
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1007758
6
reference_url https://github.com/joestump/python-oauth2
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/joestump/python-oauth2
7
reference_url https://github.com/joestump/python-oauth2/commit/82dd2cdd4954cd7b8983d5d64c0dfd9072bf4650
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/joestump/python-oauth2/commit/82dd2cdd4954cd7b8983d5d64c0dfd9072bf4650
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/oauth2/PYSEC-2014-86.yaml
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/oauth2/PYSEC-2014-86.yaml
9
reference_url https://github.com/simplegeo/python-oauth2/issues/9
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/simplegeo/python-oauth2/issues/9
10
reference_url https://github.com/simplegeo/python-oauth2/pull/146
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/simplegeo/python-oauth2/pull/146
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4347
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4347
12
reference_url http://www.openwall.com/lists/oss-security/2013/09/12/7
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/09/12/7
13
reference_url http://www.securityfocus.com/bid/62388
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/62388
14
reference_url https://github.com/advisories/GHSA-rv8h-p43r-4x5r
reference_id GHSA-rv8h-p43r-4x5r
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rv8h-p43r-4x5r
fixed_packages
aliases CVE-2013-4347, GHSA-rv8h-p43r-4x5r, PYSEC-2014-86
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zkgb-14kz-33dz
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ruby-shadow@1.4.1-13%3Farch=el6_4