Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/hiera@1.0.0-3?arch=el6_4
Typerpm
Namespaceredhat
Namehiera
Version1.0.0-3
Qualifiers
arch el6_4
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-1yu9-avtx-cybv
vulnerability_id VCID-1yu9-avtx-cybv
summary foreman: API not scoping resources to taxonomies
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1844.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1844.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-1844
reference_id
reference_type
scores
0
value 0.00261
scoring_system epss
scoring_elements 0.49444
published_at 2026-04-01T12:55:00Z
1
value 0.00261
scoring_system epss
scoring_elements 0.49473
published_at 2026-04-02T12:55:00Z
2
value 0.00261
scoring_system epss
scoring_elements 0.49499
published_at 2026-04-04T12:55:00Z
3
value 0.00261
scoring_system epss
scoring_elements 0.49452
published_at 2026-04-07T12:55:00Z
4
value 0.00261
scoring_system epss
scoring_elements 0.49507
published_at 2026-04-08T12:55:00Z
5
value 0.00261
scoring_system epss
scoring_elements 0.49503
published_at 2026-04-09T12:55:00Z
6
value 0.00261
scoring_system epss
scoring_elements 0.4952
published_at 2026-04-11T12:55:00Z
7
value 0.00261
scoring_system epss
scoring_elements 0.49491
published_at 2026-04-12T12:55:00Z
8
value 0.00261
scoring_system epss
scoring_elements 0.49494
published_at 2026-04-13T12:55:00Z
9
value 0.00261
scoring_system epss
scoring_elements 0.49541
published_at 2026-04-16T12:55:00Z
10
value 0.00261
scoring_system epss
scoring_elements 0.49539
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-1844
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1207589
reference_id 1207589
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1207589
fixed_packages
aliases CVE-2015-1844
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1yu9-avtx-cybv
1
url VCID-3kma-3ffw-8qd9
vulnerability_id VCID-3kma-3ffw-8qd9
summary 
Improper Input Validation
Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterprise before 2.8.2, deserializes untrusted YAML, which allows remote attackers to instantiate arbitrary Ruby classes and execute arbitrary code via a crafted REST API call.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00002.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00002.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00019.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00019.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2013-1283.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1283.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2013-1284.html
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1284.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3567.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-3567.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-3567
reference_id
reference_type
scores
0
value 0.06459
scoring_system epss
scoring_elements 0.91064
published_at 2026-04-09T12:55:00Z
1
value 0.06459
scoring_system epss
scoring_elements 0.91058
published_at 2026-04-08T12:55:00Z
2
value 0.06459
scoring_system epss
scoring_elements 0.91046
published_at 2026-04-07T12:55:00Z
3
value 0.06459
scoring_system epss
scoring_elements 0.91037
published_at 2026-04-04T12:55:00Z
4
value 0.06459
scoring_system epss
scoring_elements 0.91023
published_at 2026-04-01T12:55:00Z
5
value 0.06459
scoring_system epss
scoring_elements 0.91028
published_at 2026-04-02T12:55:00Z
6
value 0.06459
scoring_system epss
scoring_elements 0.91097
published_at 2026-04-18T12:55:00Z
7
value 0.06459
scoring_system epss
scoring_elements 0.91098
published_at 2026-04-16T12:55:00Z
8
value 0.06459
scoring_system epss
scoring_elements 0.91073
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-3567
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3567
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3567
7
reference_url http://secunia.com/advisories/54429
reference_id
reference_type
scores
url http://secunia.com/advisories/54429
8
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 9
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:C/I:C/A:C
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
9
reference_url https://github.com/puppetlabs/puppet
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet
10
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2013-3567.yml
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2013-3567.yml
11
reference_url https://puppetlabs.com/security/cve/cve-2013-3567
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://puppetlabs.com/security/cve/cve-2013-3567
12
reference_url https://www.puppet.com/security/cve/cve-2013-3567-unauthenticated-remote-code-execution-vulnerability
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.puppet.com/security/cve/cve-2013-3567-unauthenticated-remote-code-execution-vulnerability
13
reference_url http://www.debian.org/security/2013/dsa-2715
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2013/dsa-2715
14
reference_url http://www.ubuntu.com/usn/USN-1886-1
reference_id
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1886-1
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=712745
reference_id 712745
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=712745
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=974649
reference_id 974649
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=974649
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-3567
reference_id CVE-2013-3567
reference_type
scores
0
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-3567
18
reference_url https://puppetlabs.com/security/cve/cve-2013-3567/
reference_id CVE-2013-3567
reference_type
scores
url https://puppetlabs.com/security/cve/cve-2013-3567/
19
reference_url https://github.com/advisories/GHSA-f7p5-w2cr-7cp7
reference_id GHSA-f7p5-w2cr-7cp7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f7p5-w2cr-7cp7
20
reference_url https://security.gentoo.org/glsa/201308-04
reference_id GLSA-201308-04
reference_type
scores
url https://security.gentoo.org/glsa/201308-04
21
reference_url https://access.redhat.com/errata/RHSA-2013:1283
reference_id RHSA-2013:1283
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1283
22
reference_url https://access.redhat.com/errata/RHSA-2013:1284
reference_id RHSA-2013:1284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1284
23
reference_url https://usn.ubuntu.com/1886-1/
reference_id USN-1886-1
reference_type
scores
url https://usn.ubuntu.com/1886-1/
fixed_packages
aliases CVE-2013-3567, GHSA-f7p5-w2cr-7cp7
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3kma-3ffw-8qd9
2
url VCID-5g6u-uvej-xbad
vulnerability_id VCID-5g6u-uvej-xbad
summary 
Moderate severity vulnerability that affects puppet
Unspecified vulnerability in Puppet 2.7.x before 2.7.23 and 3.2.x before 3.2.4, and Puppet Enterprise 2.8.x before 2.8.3 and 3.0.x before 3.0.1, allows remote attackers to execute arbitrary Ruby programs from the master via the resource_type service.  NOTE: this vulnerability can only be exploited utilizing unspecified "local file system access" to the Puppet Master.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2014-01/msg00009.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2014-01/msg00009.html
1
reference_url http://puppetlabs.com/security/cve/cve-2013-4761
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://puppetlabs.com/security/cve/cve-2013-4761
2
reference_url http://rhn.redhat.com/errata/RHSA-2013-1283.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1283.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2013-1284.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2013-1284.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4761.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4761.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4761
reference_id
reference_type
scores
0
value 0.0062
scoring_system epss
scoring_elements 0.70087
published_at 2026-04-18T12:55:00Z
1
value 0.0062
scoring_system epss
scoring_elements 0.70024
published_at 2026-04-08T12:55:00Z
2
value 0.0062
scoring_system epss
scoring_elements 0.7004
published_at 2026-04-09T12:55:00Z
3
value 0.0062
scoring_system epss
scoring_elements 0.70063
published_at 2026-04-11T12:55:00Z
4
value 0.0062
scoring_system epss
scoring_elements 0.70048
published_at 2026-04-12T12:55:00Z
5
value 0.0062
scoring_system epss
scoring_elements 0.70035
published_at 2026-04-13T12:55:00Z
6
value 0.0062
scoring_system epss
scoring_elements 0.70078
published_at 2026-04-16T12:55:00Z
7
value 0.0062
scoring_system epss
scoring_elements 0.69972
published_at 2026-04-01T12:55:00Z
8
value 0.0062
scoring_system epss
scoring_elements 0.69984
published_at 2026-04-02T12:55:00Z
9
value 0.0062
scoring_system epss
scoring_elements 0.69999
published_at 2026-04-04T12:55:00Z
10
value 0.0062
scoring_system epss
scoring_elements 0.69975
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4761
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4761
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4761
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4956
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4956
8
reference_url https://github.com/puppetlabs/puppet
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet
9
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2013-4761.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2013-4761.yml
10
reference_url https://www.puppet.com/security/cve/cve-2013-4761-resourcetype-remote-code-execution-vulnerability
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.puppet.com/security/cve/cve-2013-4761-resourcetype-remote-code-execution-vulnerability
11
reference_url http://www.debian.org/security/2013/dsa-2761
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2013/dsa-2761
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=996856
reference_id 996856
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=996856
13
reference_url http://puppetlabs.com/security/cve/cve-2013-4761/
reference_id CVE-2013-4761
reference_type
scores
url http://puppetlabs.com/security/cve/cve-2013-4761/
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4761
reference_id CVE-2013-4761
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4761
15
reference_url https://github.com/advisories/GHSA-cj43-9h3w-v976
reference_id GHSA-cj43-9h3w-v976
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cj43-9h3w-v976
16
reference_url https://security.gentoo.org/glsa/201308-04
reference_id GLSA-201308-04
reference_type
scores
url https://security.gentoo.org/glsa/201308-04
17
reference_url https://access.redhat.com/errata/RHSA-2013:1283
reference_id RHSA-2013:1283
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1283
18
reference_url https://access.redhat.com/errata/RHSA-2013:1284
reference_id RHSA-2013:1284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1284
19
reference_url https://usn.ubuntu.com/1928-1/
reference_id USN-1928-1
reference_type
scores
url https://usn.ubuntu.com/1928-1/
fixed_packages
aliases CVE-2013-4761, GHSA-cj43-9h3w-v976
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5g6u-uvej-xbad
3
url VCID-73uh-2gkm-6kgy
vulnerability_id VCID-73uh-2gkm-6kgy
summary 
Multiple vulnerabilities have been found in Puppet, the worst of
    which could lead to execution of arbitrary code.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4956.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4956.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4956
reference_id
reference_type
scores
0
value 0.00108
scoring_system epss
scoring_elements 0.29083
published_at 2026-04-01T12:55:00Z
1
value 0.00108
scoring_system epss
scoring_elements 0.29157
published_at 2026-04-02T12:55:00Z
2
value 0.00108
scoring_system epss
scoring_elements 0.29207
published_at 2026-04-04T12:55:00Z
3
value 0.00108
scoring_system epss
scoring_elements 0.29018
published_at 2026-04-07T12:55:00Z
4
value 0.00108
scoring_system epss
scoring_elements 0.29082
published_at 2026-04-08T12:55:00Z
5
value 0.00108
scoring_system epss
scoring_elements 0.29124
published_at 2026-04-09T12:55:00Z
6
value 0.00108
scoring_system epss
scoring_elements 0.2913
published_at 2026-04-11T12:55:00Z
7
value 0.00108
scoring_system epss
scoring_elements 0.29085
published_at 2026-04-12T12:55:00Z
8
value 0.00108
scoring_system epss
scoring_elements 0.29034
published_at 2026-04-13T12:55:00Z
9
value 0.00108
scoring_system epss
scoring_elements 0.29062
published_at 2026-04-16T12:55:00Z
10
value 0.00108
scoring_system epss
scoring_elements 0.29039
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4956
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4761
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4761
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4956
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4956
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=996855
reference_id 996855
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=996855
5
reference_url https://security.gentoo.org/glsa/201308-04
reference_id GLSA-201308-04
reference_type
scores
url https://security.gentoo.org/glsa/201308-04
6
reference_url https://access.redhat.com/errata/RHSA-2013:1283
reference_id RHSA-2013:1283
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1283
7
reference_url https://access.redhat.com/errata/RHSA-2013:1284
reference_id RHSA-2013:1284
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:1284
8
reference_url https://usn.ubuntu.com/1928-1/
reference_id USN-1928-1
reference_type
scores
url https://usn.ubuntu.com/1928-1/
fixed_packages
aliases CVE-2013-4956
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-73uh-2gkm-6kgy
4
url VCID-7f1h-1fw8-k7c4
vulnerability_id VCID-7f1h-1fw8-k7c4
summary foreman: the _session_id cookie is issued without the Secure flag
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3155.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3155.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-3155
reference_id
reference_type
scores
0
value 0.0056
scoring_system epss
scoring_elements 0.68193
published_at 2026-04-01T12:55:00Z
1
value 0.0056
scoring_system epss
scoring_elements 0.68214
published_at 2026-04-02T12:55:00Z
2
value 0.0056
scoring_system epss
scoring_elements 0.68233
published_at 2026-04-04T12:55:00Z
3
value 0.0056
scoring_system epss
scoring_elements 0.68209
published_at 2026-04-07T12:55:00Z
4
value 0.0056
scoring_system epss
scoring_elements 0.68259
published_at 2026-04-08T12:55:00Z
5
value 0.0056
scoring_system epss
scoring_elements 0.68275
published_at 2026-04-09T12:55:00Z
6
value 0.0056
scoring_system epss
scoring_elements 0.683
published_at 2026-04-11T12:55:00Z
7
value 0.0056
scoring_system epss
scoring_elements 0.68288
published_at 2026-04-12T12:55:00Z
8
value 0.0056
scoring_system epss
scoring_elements 0.68254
published_at 2026-04-13T12:55:00Z
9
value 0.0056
scoring_system epss
scoring_elements 0.68294
published_at 2026-04-16T12:55:00Z
10
value 0.0056
scoring_system epss
scoring_elements 0.68305
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-3155
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1216035
reference_id 1216035
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1216035
fixed_packages
aliases CVE-2015-3155
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7f1h-1fw8-k7c4
5
url VCID-8wen-twwa-8khm
vulnerability_id VCID-8wen-twwa-8khm
summary foreman: cross-site scripting (XSS) flaw in template preview screen
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3653.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3653.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3653
reference_id
reference_type
scores
0
value 0.00389
scoring_system epss
scoring_elements 0.59891
published_at 2026-04-01T12:55:00Z
1
value 0.00389
scoring_system epss
scoring_elements 0.59968
published_at 2026-04-02T12:55:00Z
2
value 0.00389
scoring_system epss
scoring_elements 0.59993
published_at 2026-04-04T12:55:00Z
3
value 0.00389
scoring_system epss
scoring_elements 0.59963
published_at 2026-04-07T12:55:00Z
4
value 0.00389
scoring_system epss
scoring_elements 0.60013
published_at 2026-04-08T12:55:00Z
5
value 0.00389
scoring_system epss
scoring_elements 0.60026
published_at 2026-04-09T12:55:00Z
6
value 0.00389
scoring_system epss
scoring_elements 0.60047
published_at 2026-04-11T12:55:00Z
7
value 0.00389
scoring_system epss
scoring_elements 0.60032
published_at 2026-04-12T12:55:00Z
8
value 0.00389
scoring_system epss
scoring_elements 0.60014
published_at 2026-04-13T12:55:00Z
9
value 0.00389
scoring_system epss
scoring_elements 0.60054
published_at 2026-04-16T12:55:00Z
10
value 0.00389
scoring_system epss
scoring_elements 0.60061
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3653
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1145398
reference_id 1145398
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1145398
fixed_packages
aliases CVE-2014-3653
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8wen-twwa-8khm
6
url VCID-rc65-py17-kuhm
vulnerability_id VCID-rc65-py17-kuhm
summary foreman: lack of SSL certificate validation when performing LDAPS authentication
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1816.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1816.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-1816
reference_id
reference_type
scores
0
value 0.00217
scoring_system epss
scoring_elements 0.44212
published_at 2026-04-01T12:55:00Z
1
value 0.00217
scoring_system epss
scoring_elements 0.44279
published_at 2026-04-02T12:55:00Z
2
value 0.00217
scoring_system epss
scoring_elements 0.44302
published_at 2026-04-04T12:55:00Z
3
value 0.00217
scoring_system epss
scoring_elements 0.44235
published_at 2026-04-07T12:55:00Z
4
value 0.00217
scoring_system epss
scoring_elements 0.44287
published_at 2026-04-08T12:55:00Z
5
value 0.00217
scoring_system epss
scoring_elements 0.44292
published_at 2026-04-09T12:55:00Z
6
value 0.00217
scoring_system epss
scoring_elements 0.44309
published_at 2026-04-11T12:55:00Z
7
value 0.00217
scoring_system epss
scoring_elements 0.44277
published_at 2026-04-13T12:55:00Z
8
value 0.00217
scoring_system epss
scoring_elements 0.44335
published_at 2026-04-16T12:55:00Z
9
value 0.00217
scoring_system epss
scoring_elements 0.44326
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-1816
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1208602
reference_id 1208602
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1208602
fixed_packages
aliases CVE-2015-1816
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rc65-py17-kuhm
7
url VCID-sqjb-qpyd-p7gn
vulnerability_id VCID-sqjb-qpyd-p7gn
summary foreman: edit_users permission allows changing of admin passwords
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3235.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3235.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-3235
reference_id
reference_type
scores
0
value 0.0057
scoring_system epss
scoring_elements 0.68522
published_at 2026-04-01T12:55:00Z
1
value 0.0057
scoring_system epss
scoring_elements 0.6854
published_at 2026-04-02T12:55:00Z
2
value 0.0057
scoring_system epss
scoring_elements 0.68558
published_at 2026-04-04T12:55:00Z
3
value 0.0057
scoring_system epss
scoring_elements 0.68537
published_at 2026-04-07T12:55:00Z
4
value 0.0057
scoring_system epss
scoring_elements 0.68588
published_at 2026-04-08T12:55:00Z
5
value 0.0057
scoring_system epss
scoring_elements 0.68605
published_at 2026-04-09T12:55:00Z
6
value 0.0057
scoring_system epss
scoring_elements 0.68631
published_at 2026-04-11T12:55:00Z
7
value 0.0057
scoring_system epss
scoring_elements 0.68618
published_at 2026-04-12T12:55:00Z
8
value 0.0057
scoring_system epss
scoring_elements 0.68589
published_at 2026-04-13T12:55:00Z
9
value 0.0057
scoring_system epss
scoring_elements 0.68629
published_at 2026-04-16T12:55:00Z
10
value 0.0057
scoring_system epss
scoring_elements 0.68639
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-3235
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1232366
reference_id 1232366
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1232366
fixed_packages
aliases CVE-2015-3235
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sqjb-qpyd-p7gn
8
url VCID-tbug-mv5x-uucb
vulnerability_id VCID-tbug-mv5x-uucb
summary The Server.verify_request function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL.
references
0
reference_url https://access.redhat.com/errata/RHSA-2015:1591
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:1591
1
reference_url https://access.redhat.com/errata/RHSA-2015:1592
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:1592
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4346.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4346.json
3
reference_url https://access.redhat.com/security/cve/CVE-2013-4346
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2013-4346
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4346
reference_id
reference_type
scores
0
value 0.00472
scoring_system epss
scoring_elements 0.64597
published_at 2026-04-02T12:55:00Z
1
value 0.00472
scoring_system epss
scoring_elements 0.64672
published_at 2026-04-18T12:55:00Z
2
value 0.00472
scoring_system epss
scoring_elements 0.64661
published_at 2026-04-16T12:55:00Z
3
value 0.00472
scoring_system epss
scoring_elements 0.64625
published_at 2026-04-13T12:55:00Z
4
value 0.00472
scoring_system epss
scoring_elements 0.64653
published_at 2026-04-12T12:55:00Z
5
value 0.00472
scoring_system epss
scoring_elements 0.64665
published_at 2026-04-11T12:55:00Z
6
value 0.00472
scoring_system epss
scoring_elements 0.64648
published_at 2026-04-09T12:55:00Z
7
value 0.00472
scoring_system epss
scoring_elements 0.64632
published_at 2026-04-08T12:55:00Z
8
value 0.00472
scoring_system epss
scoring_elements 0.64584
published_at 2026-04-07T12:55:00Z
9
value 0.00472
scoring_system epss
scoring_elements 0.64626
published_at 2026-04-04T12:55:00Z
10
value 0.00472
scoring_system epss
scoring_elements 0.64544
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4346
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1007746
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1007746
6
reference_url https://github.com/joestump/python-oauth2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/joestump/python-oauth2
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/oauth2/PYSEC-2014-85.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/oauth2/PYSEC-2014-85.yaml
8
reference_url https://github.com/simplegeo/python-oauth2/issues/129
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/simplegeo/python-oauth2/issues/129
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4346
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4346
10
reference_url https://web.archive.org/web/20200228063302/http://www.securityfocus.com/bid/62386
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228063302/http://www.securityfocus.com/bid/62386
11
reference_url http://www.openwall.com/lists/oss-security/2013/09/12/7
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/09/12/7
12
reference_url http://www.securityfocus.com/bid/62386
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/62386
13
reference_url https://github.com/advisories/GHSA-4433-4cxq-vv73
reference_id GHSA-4433-4cxq-vv73
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4433-4cxq-vv73
fixed_packages
aliases CVE-2013-4346, GHSA-4433-4cxq-vv73, PYSEC-2014-85
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tbug-mv5x-uucb
9
url VCID-utxw-251d-gfff
vulnerability_id VCID-utxw-251d-gfff
summary rhn_satellite_6: cross-site request forgery (CSRF) can force logout
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3590.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3590.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3590
reference_id
reference_type
scores
0
value 0.00242
scoring_system epss
scoring_elements 0.47402
published_at 2026-04-01T12:55:00Z
1
value 0.00242
scoring_system epss
scoring_elements 0.47436
published_at 2026-04-02T12:55:00Z
2
value 0.00242
scoring_system epss
scoring_elements 0.47457
published_at 2026-04-04T12:55:00Z
3
value 0.00242
scoring_system epss
scoring_elements 0.47407
published_at 2026-04-07T12:55:00Z
4
value 0.00242
scoring_system epss
scoring_elements 0.47461
published_at 2026-04-08T12:55:00Z
5
value 0.00242
scoring_system epss
scoring_elements 0.47458
published_at 2026-04-09T12:55:00Z
6
value 0.00242
scoring_system epss
scoring_elements 0.47481
published_at 2026-04-11T12:55:00Z
7
value 0.00242
scoring_system epss
scoring_elements 0.47456
published_at 2026-04-12T12:55:00Z
8
value 0.00242
scoring_system epss
scoring_elements 0.47462
published_at 2026-04-13T12:55:00Z
9
value 0.00242
scoring_system epss
scoring_elements 0.47522
published_at 2026-04-16T12:55:00Z
10
value 0.00242
scoring_system epss
scoring_elements 0.47514
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3590
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1128108
reference_id 1128108
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1128108
fixed_packages
aliases CVE-2014-3590
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-utxw-251d-gfff
10
url VCID-zkgb-14kz-33dz
vulnerability_id VCID-zkgb-14kz-33dz
summary The (1) make_nonce, (2) generate_nonce, and (3) generate_verifier functions in SimpleGeo python-oauth2 uses weak random numbers to generate nonces, which makes it easier for remote attackers to guess the nonce via a brute force attack.
references
0
reference_url https://access.redhat.com/errata/RHSA-2015:1591
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:1591
1
reference_url https://access.redhat.com/errata/RHSA-2015:1592
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:1592
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4347.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4347.json
3
reference_url https://access.redhat.com/security/cve/CVE-2013-4347
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2013-4347
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4347
reference_id
reference_type
scores
0
value 0.00411
scoring_system epss
scoring_elements 0.61383
published_at 2026-04-04T12:55:00Z
1
value 0.00411
scoring_system epss
scoring_elements 0.61355
published_at 2026-04-02T12:55:00Z
2
value 0.00411
scoring_system epss
scoring_elements 0.61276
published_at 2026-04-01T12:55:00Z
3
value 0.00411
scoring_system epss
scoring_elements 0.61445
published_at 2026-04-18T12:55:00Z
4
value 0.00411
scoring_system epss
scoring_elements 0.61441
published_at 2026-04-16T12:55:00Z
5
value 0.00411
scoring_system epss
scoring_elements 0.61402
published_at 2026-04-13T12:55:00Z
6
value 0.00411
scoring_system epss
scoring_elements 0.61421
published_at 2026-04-12T12:55:00Z
7
value 0.00411
scoring_system epss
scoring_elements 0.61436
published_at 2026-04-11T12:55:00Z
8
value 0.00411
scoring_system epss
scoring_elements 0.61415
published_at 2026-04-09T12:55:00Z
9
value 0.00411
scoring_system epss
scoring_elements 0.614
published_at 2026-04-08T12:55:00Z
10
value 0.00411
scoring_system epss
scoring_elements 0.61353
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4347
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1007758
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1007758
6
reference_url https://github.com/joestump/python-oauth2
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/joestump/python-oauth2
7
reference_url https://github.com/joestump/python-oauth2/commit/82dd2cdd4954cd7b8983d5d64c0dfd9072bf4650
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/joestump/python-oauth2/commit/82dd2cdd4954cd7b8983d5d64c0dfd9072bf4650
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/oauth2/PYSEC-2014-86.yaml
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/oauth2/PYSEC-2014-86.yaml
9
reference_url https://github.com/simplegeo/python-oauth2/issues/9
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/simplegeo/python-oauth2/issues/9
10
reference_url https://github.com/simplegeo/python-oauth2/pull/146
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/simplegeo/python-oauth2/pull/146
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4347
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4347
12
reference_url http://www.openwall.com/lists/oss-security/2013/09/12/7
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/09/12/7
13
reference_url http://www.securityfocus.com/bid/62388
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
1
value 6.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/62388
14
reference_url https://github.com/advisories/GHSA-rv8h-p43r-4x5r
reference_id GHSA-rv8h-p43r-4x5r
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rv8h-p43r-4x5r
fixed_packages
aliases CVE-2013-4347, GHSA-rv8h-p43r-4x5r, PYSEC-2014-86
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zkgb-14kz-33dz
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/hiera@1.0.0-3%3Farch=el6_4