Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/118963?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/118963?format=api", "purl": "pkg:rpm/redhat/prince@9.0r2-4?arch=el6cf", "type": "rpm", "namespace": "redhat", "name": "prince", "version": "9.0r2-4", "qualifiers": { "arch": "el6cf" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86109?format=api", "vulnerability_id": "VCID-5sfa-s7xw-cyeg", "summary": "CFME: default routes expose controllers and actions", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1317.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1317.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0140.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0140.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0140", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.3829", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38287", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38426", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.3845", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38313", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38364", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38372", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38389", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38352", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38327", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38375", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00171", "scoring_system": "epss", "scoring_elements": "0.38354", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0140" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077359", "reference_id": "1077359", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077359" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_3.0.1_management_engine:5.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:cloudforms_3.0.1_management_engine:5.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_3.0.1_management_engine:5.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_3.0.2_management_engine:5.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:cloudforms_3.0.2_management_engine:5.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_3.0.2_management_engine:5.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_3.0.3_management_engine:5.2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:cloudforms_3.0.3_management_engine:5.2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_3.0.3_management_engine:5.2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_3.0.4_management_engine:5.2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:cloudforms_3.0.4_management_engine:5.2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_3.0.4_management_engine:5.2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_3.0.5_management_engine:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:cloudforms_3.0.5_management_engine:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_3.0.5_management_engine:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_3.0_management_engine:5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:cloudforms_3.0_management_engine:5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_3.0_management_engine:5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0140", "reference_id": "CVE-2014-0140", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:N/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0140" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1317", "reference_id": "RHSA-2014:1317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1317" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0140" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5sfa-s7xw-cyeg" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6872?format=api", "vulnerability_id": "VCID-65ha-wgr4-eqd4", "summary": "Reflective XSS Vulnerability\nWhen a translation is missing, the HTML exception message raised does not escape the keys. Under certain common configurations this string can contain user input which would allow an attacker to execute a reflective XSS attack.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00093.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00093.html" }, { "reference_url": "https://access.redhat.com/errata/RHBA-2015:1100", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHBA-2015:1100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0320", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2017:0320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0380", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0380" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4492.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4492.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2013-4492", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2013-4492" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4492", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63447", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63431", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63453", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63323", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63384", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63411", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63376", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63428", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63446", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63463", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4492" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1039435", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1039435" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4492", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4492" }, { "reference_url": "https://github.com/advisories/GHSA-r5hc-9xx5-97rw", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r5hc-9xx5-97rw" }, { "reference_url": "https://github.com/ruby-i18n/i18n/commit/92b57b1e4f84adcdcc3a375278f299274be62445", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ruby-i18n/i18n/commit/92b57b1e4f84adcdcc3a375278f299274be62445" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/i18n/CVE-2013-4492.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/i18n/CVE-2013-4492.yml" }, { "reference_url": "https://github.com/svenfuchs/i18n", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/svenfuchs/i18n" }, { "reference_url": "https://github.com/svenfuchs/i18n/commit/92b57b1e4f84adcdcc3a375278f299274be62445", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/svenfuchs/i18n/commit/92b57b1e4f84adcdcc3a375278f299274be62445" }, { "reference_url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/pLrh6DUw998/bLFEyIO4k_EJ", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/pLrh6DUw998/bLFEyIO4k_EJ" }, { "reference_url": "https://groups.google.com/forum/#!topic/ruby-security-ann/pLrh6DUw998", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/#!topic/ruby-security-ann/pLrh6DUw998" }, { "reference_url": "https://web.archive.org/web/20201208125214/https://groups.google.com/forum/message/raw?msg=ruby-security-ann/pLrh6DUw998/bLFEyIO4k_EJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20201208125214/https://groups.google.com/forum/message/raw?msg=ruby-security-ann/pLrh6DUw998/bLFEyIO4k_EJ" }, { "reference_url": "https://web.archive.org/web/20210731082547/http://www.securityfocus.com/bid/64076", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210731082547/http://www.securityfocus.com/bid/64076" }, { "reference_url": "http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released" }, { "reference_url": "http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released/" }, { "reference_url": "http://www.debian.org/security/2013/dsa-2830", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2013/dsa-2830" }, { "reference_url": "http://www.securityfocus.com/bid/64076", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/64076" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4492", "reference_id": "CVE-2013-4492", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4492" } ], "fixed_packages": [], "aliases": [ "CVE-2013-4492", "GHSA-r5hc-9xx5-97rw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-65ha-wgr4-eqd4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/34402?format=api", "vulnerability_id": "VCID-6wud-ngbu-rqch", "summary": "Multiple vulnerabilities have been found in PostgreSQL, the worst\n of which may allow remote Denial of Service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2669.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2669.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2669", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01207", "scoring_system": "epss", "scoring_elements": "0.78989", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01207", "scoring_system": "epss", "scoring_elements": "0.78975", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01207", "scoring_system": "epss", "scoring_elements": "0.78965", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01207", "scoring_system": "epss", "scoring_elements": "0.78993", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01207", "scoring_system": "epss", "scoring_elements": "0.78935", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01207", "scoring_system": "epss", "scoring_elements": "0.7896", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01207", "scoring_system": "epss", "scoring_elements": "0.78966", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01207", "scoring_system": "epss", "scoring_elements": "0.7899", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01707", "scoring_system": "epss", "scoring_elements": "0.82262", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01707", "scoring_system": "epss", "scoring_elements": "0.82281", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01707", "scoring_system": "epss", "scoring_elements": "0.82249", "published_at": "2026-04-01T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1082154", "reference_id": "1082154", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1082154" }, { "reference_url": "https://security.gentoo.org/glsa/201408-15", "reference_id": "GLSA-201408-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0221", "reference_id": "RHSA-2014:0221", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0221" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0469", "reference_id": "RHSA-2014:0469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0469" } ], "fixed_packages": [], "aliases": [ "CVE-2014-2669" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6wud-ngbu-rqch" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3609?format=api", "vulnerability_id": "VCID-8cbh-gwwy-n3eq", "summary": "Potential buffer overruns due to integer overflow in size calculations.more details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0064.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0064.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0064", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06674", "scoring_system": "epss", "scoring_elements": "0.91253", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.06674", "scoring_system": "epss", "scoring_elements": "0.91177", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06674", "scoring_system": "epss", "scoring_elements": "0.91182", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.06674", "scoring_system": "epss", "scoring_elements": "0.91191", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.06674", "scoring_system": "epss", "scoring_elements": "0.91198", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06674", "scoring_system": "epss", "scoring_elements": "0.91211", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.06674", "scoring_system": "epss", "scoring_elements": "0.91218", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06674", "scoring_system": "epss", "scoring_elements": "0.91224", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.06674", "scoring_system": "epss", "scoring_elements": "0.91228", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06674", "scoring_system": "epss", "scoring_elements": "0.91252", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.06674", "scoring_system": "epss", "scoring_elements": "0.91251", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0064" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2014-0064/", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H']" } ], "url": "https://www.postgresql.org/support/security/CVE-2014-0064/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065230", "reference_id": "1065230", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065230" }, { "reference_url": "https://security.gentoo.org/glsa/201408-15", "reference_id": "GLSA-201408-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0211", "reference_id": "RHSA-2014:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0221", "reference_id": "RHSA-2014:0221", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0221" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0249", "reference_id": "RHSA-2014:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0469", "reference_id": "RHSA-2014:0469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0469" }, { "reference_url": "https://usn.ubuntu.com/2120-1/", "reference_id": "USN-2120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2120-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0064" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8cbh-gwwy-n3eq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3612?format=api", "vulnerability_id": "VCID-8j4f-u2tq-1qev", "summary": "Privilege escalation via calls to validator functions.more details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0061.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0061.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0061", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00783", "scoring_system": "epss", "scoring_elements": "0.73698", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00783", "scoring_system": "epss", "scoring_elements": "0.73722", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00783", "scoring_system": "epss", "scoring_elements": "0.73688", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00822", "scoring_system": "epss", "scoring_elements": "0.74431", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00822", "scoring_system": "epss", "scoring_elements": "0.74452", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00822", "scoring_system": "epss", "scoring_elements": "0.74432", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00822", "scoring_system": "epss", "scoring_elements": "0.74423", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00822", "scoring_system": "epss", "scoring_elements": "0.7446", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00822", "scoring_system": "epss", "scoring_elements": "0.74469", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00822", "scoring_system": "epss", "scoring_elements": "0.74381", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00822", "scoring_system": "epss", "scoring_elements": "0.74413", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0061" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2014-0061/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H']" } ], "url": "https://www.postgresql.org/support/security/CVE-2014-0061/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065220", "reference_id": "1065220", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065220" }, { "reference_url": "https://security.gentoo.org/glsa/201408-15", "reference_id": "GLSA-201408-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0211", "reference_id": "RHSA-2014:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0221", "reference_id": "RHSA-2014:0221", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0221" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0249", "reference_id": "RHSA-2014:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0469", "reference_id": "RHSA-2014:0469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0469" }, { "reference_url": "https://usn.ubuntu.com/2120-1/", "reference_id": "USN-2120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2120-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0061" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8j4f-u2tq-1qev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6860?format=api", "vulnerability_id": "VCID-e3j5-xgbr-2qa1", "summary": "Possible DoS Vulnerability\nA carefully crafted email address in conjunction with the Action Mailer logger format string could take advantage of a bug in Ruby's sprintf implementation and possibly lead to a denial of service attack. Impacted Ruby code will look something like this: `\"some string #{user_input}\" % some_number`", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00091.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00091.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00094.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00094.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00003.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00003.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4389.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4389.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4389", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79994", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79942", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.7993", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79959", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79968", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79988", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79971", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79963", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79991", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79914", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.79921", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4389" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4389", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4389" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4491", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4491" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6414", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6414" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6415" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6417", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6417" }, { "reference_url": "http://seclists.org/oss-sec/2013/q4/118", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/oss-sec/2013/q4/118" }, { "reference_url": "https://github.com/advisories/GHSA-rg5m-3fqp-6px8", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rg5m-3fqp-6px8" }, { "reference_url": "https://github.com/rails/rails/tree/main/actionmailer", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rails/rails/tree/main/actionmailer" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionmailer/CVE-2013-4389.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionmailer/CVE-2013-4389.yml" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4389", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4389" }, { "reference_url": "https://web.archive.org/web/20201208175929/https://groups.google.com/forum/message/raw?msg=ruby-security-ann/yvlR1Vx44c8/elKJkpO2KVgJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20201208175929/https://groups.google.com/forum/message/raw?msg=ruby-security-ann/yvlR1Vx44c8/elKJkpO2KVgJ" }, { "reference_url": "http://www.debian.org/security/2014/dsa-2887", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2014/dsa-2887" }, { "reference_url": "http://www.debian.org/security/2014/dsa-2888", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2014/dsa-2888" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1013913", "reference_id": "1013913", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1013913" } ], "fixed_packages": [], "aliases": [ "CVE-2013-4389", "GHSA-rg5m-3fqp-6px8", "OSV-98629" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e3j5-xgbr-2qa1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86285?format=api", "vulnerability_id": "VCID-g4zx-p5dt-cba8", "summary": "CFME: multiple authorization bypass vulnerabilities in CatalogController", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0078.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0078.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0078", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00619", "scoring_system": "epss", "scoring_elements": "0.6992", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00619", "scoring_system": "epss", "scoring_elements": "0.69932", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00619", "scoring_system": "epss", "scoring_elements": "0.69946", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00619", "scoring_system": "epss", "scoring_elements": "0.69924", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00619", "scoring_system": "epss", "scoring_elements": "0.69971", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00619", "scoring_system": "epss", "scoring_elements": "0.69988", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00619", "scoring_system": "epss", "scoring_elements": "0.70011", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00619", "scoring_system": "epss", "scoring_elements": "0.69996", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00619", "scoring_system": "epss", "scoring_elements": "0.69983", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00619", "scoring_system": "epss", "scoring_elements": "0.70026", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00619", "scoring_system": "epss", "scoring_elements": "0.70035", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00619", "scoring_system": "epss", "scoring_elements": "0.70017", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0078" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064556", "reference_id": "1064556", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064556" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0469", "reference_id": "RHSA-2014:0469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0469" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0078" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g4zx-p5dt-cba8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7027?format=api", "vulnerability_id": "VCID-g8de-56gr-37cf", "summary": "Arbitrary file existence disclosure\nSpecially crafted requests can be used to determine whether a file exists on the filesystem that is outside an application's root directory. The files will not be served, but attackers can determine whether the file exists.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00103.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00103.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00105.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00105.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00110.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00110.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00111.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00111.html" }, { "reference_url": "https://access.redhat.com/errata/RHBA-2015:1100", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHBA-2015:1100" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7819.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7819.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2014-7819", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2014-7819" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7819", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73145", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73089", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73102", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73127", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73106", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.731", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73143", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73153", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73048", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73058", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73078", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73052", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7819" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1161527", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1161527" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7819" }, { "reference_url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/doAVp0YaTqY/aHFngBqNBoAJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/doAVp0YaTqY/aHFngBqNBoAJ" }, { "reference_url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/wQBeGXqGs3E/JqUMB6fhh3gJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/wQBeGXqGs3E/JqUMB6fhh3gJ" }, { "reference_url": "https://groups.google.com/forum/#!topic/rubyonrails-security/doAVp0YaTqY", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/#!topic/rubyonrails-security/doAVp0YaTqY" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7819", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7819" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sprockets_project:sprockets:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sprockets_project:sprockets:2.6.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:sprockets_project:sprockets:2.6.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sprockets_project:sprockets:2.6.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sprockets_project:sprockets:3.0.0:beta1:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:sprockets_project:sprockets:3.0.0:beta1:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sprockets_project:sprockets:3.0.0:beta1:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sprockets_project:sprockets:3.0.0:beta2:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:sprockets_project:sprockets:3.0.0:beta2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sprockets_project:sprockets:3.0.0:beta2:*:*:*:*:*:*" }, { "reference_url": "https://github.com/advisories/GHSA-33pp-3763-mrfp", "reference_id": "GHSA-33pp-3763-mrfp", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-33pp-3763-mrfp" } ], "fixed_packages": [], "aliases": [ "CVE-2014-7819", "GHSA-33pp-3763-mrfp", "OSV-113965" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g8de-56gr-37cf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7102?format=api", "vulnerability_id": "VCID-jggb-58ap-ybab", "summary": "Log Plaintext Password Local Disclosure\nREST Client for Ruby contains a flaw that is due to the application logging password information in plaintext. This may allow a local attacker to gain access to password information.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00026.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00026.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3448.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3448.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3448", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20291", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20405", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20359", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20301", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20289", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20294", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20307", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20451", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20511", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20236", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20317", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20375", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3448" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3448", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3448" }, { "reference_url": "https://github.com/rest-client/rest-client", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rest-client/rest-client" }, { "reference_url": "https://github.com/rest-client/rest-client/issues/349", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rest-client/rest-client/issues/349" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3448", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3448" }, { "reference_url": "https://web.archive.org/web/20200228154247/http://www.securityfocus.com/bid/74415", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228154247/http://www.securityfocus.com/bid/74415" }, { "reference_url": "http://www.osvdb.org/show/osvdb/117461", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.osvdb.org/show/osvdb/117461" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1240982", "reference_id": "1240982", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1240982" }, { "reference_url": "https://github.com/advisories/GHSA-mx9f-w8qq-q5jf", "reference_id": "GHSA-mx9f-w8qq-q5jf", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mx9f-w8qq-q5jf" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1313", "reference_id": "RHSA-2021:1313", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1313" } ], "fixed_packages": [], "aliases": [ "CVE-2015-3448", "GHSA-mx9f-w8qq-q5jf" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jggb-58ap-ybab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3611?format=api", "vulnerability_id": "VCID-kbgc-w2jw-auh8", "summary": "Race condition in CREATE INDEX allows for privilege escalation.more details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0062.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0062.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0062", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59626", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59489", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59562", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59587", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59556", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59607", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.5962", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59639", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59622", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59603", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59636", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59643", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0062" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2014-0062/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H']" } ], "url": "https://www.postgresql.org/support/security/CVE-2014-0062/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065222", "reference_id": "1065222", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065222" }, { "reference_url": "https://security.gentoo.org/glsa/201408-15", "reference_id": "GLSA-201408-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0211", "reference_id": "RHSA-2014:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0221", "reference_id": "RHSA-2014:0221", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0221" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0249", "reference_id": "RHSA-2014:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0469", "reference_id": "RHSA-2014:0469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0469" }, { "reference_url": "https://usn.ubuntu.com/2120-1/", "reference_id": "USN-2120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2120-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0062" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kbgc-w2jw-auh8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6869?format=api", "vulnerability_id": "VCID-nf8s-2aaa-17fw", "summary": "Incomplete fix to CVE-2013-0155 (Unsafe Query Generation Risk)\nDue to the way that `Rack::Request` and `Rails::Request` interact, it is possible for a 3rd party or custom rack middleware to parse the parameters insecurely and store them in the same key that Rails uses for its own parameters. In the event that happens the application will receive unsafe parameters and could be vulnerable to the earlier vulnerability: it would be possible for an attacker to issue unexpected database queries with `IS NULL` or empty where clauses.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00079.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00079.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00081.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00081.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00082.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00082.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00003.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00003.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-1794.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1794.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-0008.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0008.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-0469.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0469.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6417.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6417.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-6417", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66501", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66487", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66468", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66515", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.6653", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66512", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66477", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66508", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.6652", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66439", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66402", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66441", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-6417" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4389", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4389" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4491", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4491" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6414", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6414" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6415" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6417", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6417" }, { "reference_url": "http://seclists.org/oss-sec/2013/q4/403", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/oss-sec/2013/q4/403" }, { "reference_url": "https://github.com/rails/rails", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rails/rails" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2013-6417.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2013-6417.yml" }, { "reference_url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/niK4drpSHT4/g8JW8ZsayRkJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/niK4drpSHT4/g8JW8ZsayRkJ" }, { "reference_url": "https://groups.google.com/forum/#!topic/ruby-security-ann/niK4drpSHT4", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/#!topic/ruby-security-ann/niK4drpSHT4" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-6417", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-6417" }, { "reference_url": "https://puppet.com/security/cve/cve-2013-6417", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://puppet.com/security/cve/cve-2013-6417" }, { "reference_url": "https://web.archive.org/web/20160806051251/https://puppet.com/security/cve/cve-2013-6417", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20160806051251/https://puppet.com/security/cve/cve-2013-6417" }, { "reference_url": "http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released" }, { "reference_url": "http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released/" }, { "reference_url": "http://www.debian.org/security/2014/dsa-2888", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2014/dsa-2888" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1036409", "reference_id": "1036409", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1036409" }, { "reference_url": "https://github.com/advisories/GHSA-wpw7-wxjm-cw8r", "reference_id": "GHSA-wpw7-wxjm-cw8r", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wpw7-wxjm-cw8r" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1794", "reference_id": "RHSA-2013:1794", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1794" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0008", "reference_id": "RHSA-2014:0008", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0008" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0469", "reference_id": "RHSA-2014:0469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0469" } ], "fixed_packages": [], "aliases": [ "CVE-2013-6417", "GHSA-wpw7-wxjm-cw8r", "OSV-100527" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nf8s-2aaa-17fw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86286?format=api", "vulnerability_id": "VCID-nrjc-ndqj-wkak", "summary": "CFME: ReportController SQL injection", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0137.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0137.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0137", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.59923", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.59999", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60024", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.59994", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60044", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60058", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60079", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60063", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60046", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60085", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60092", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60078", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0137" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1076688", "reference_id": "1076688", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1076688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0469", "reference_id": "RHSA-2014:0469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0469" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0137" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nrjc-ndqj-wkak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3608?format=api", "vulnerability_id": "VCID-nz16-gzhk-h3c1", "summary": "Potential buffer overruns of fixed-size buffers.more details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0065.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0065.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0065", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03867", "scoring_system": "epss", "scoring_elements": "0.88174", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03867", "scoring_system": "epss", "scoring_elements": "0.8819", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03867", "scoring_system": "epss", "scoring_elements": "0.88166", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.04053", "scoring_system": "epss", "scoring_elements": "0.88515", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04053", "scoring_system": "epss", "scoring_elements": "0.88526", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04053", "scoring_system": "epss", "scoring_elements": "0.88518", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.04053", "scoring_system": "epss", "scoring_elements": "0.88532", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.04053", "scoring_system": "epss", "scoring_elements": "0.88528", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.04053", "scoring_system": "epss", "scoring_elements": "0.88525", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.04053", "scoring_system": "epss", "scoring_elements": "0.8849", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04053", "scoring_system": "epss", "scoring_elements": "0.88508", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0065" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2014-0065/", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N']" } ], "url": "https://www.postgresql.org/support/security/CVE-2014-0065/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065235", "reference_id": "1065235", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065235" }, { "reference_url": "https://security.gentoo.org/glsa/201408-15", "reference_id": "GLSA-201408-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0211", "reference_id": "RHSA-2014:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0221", "reference_id": "RHSA-2014:0221", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0221" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0249", "reference_id": "RHSA-2014:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0469", "reference_id": "RHSA-2014:0469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0469" }, { "reference_url": "https://usn.ubuntu.com/2120-1/", "reference_id": "USN-2120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2120-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0065" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nz16-gzhk-h3c1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3607?format=api", "vulnerability_id": "VCID-pvxg-byvu-pbec", "summary": "Potential null pointer dereference crash when crypt(3) returns NULL.more details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0066.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0066.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0066", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01402", "scoring_system": "epss", "scoring_elements": "0.80401", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01402", "scoring_system": "epss", "scoring_elements": "0.80375", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01402", "scoring_system": "epss", "scoring_elements": "0.80381", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01472", "scoring_system": "epss", "scoring_elements": "0.8094", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01472", "scoring_system": "epss", "scoring_elements": "0.80956", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01472", "scoring_system": "epss", "scoring_elements": "0.80942", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01472", "scoring_system": "epss", "scoring_elements": "0.80933", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01472", "scoring_system": "epss", "scoring_elements": "0.80969", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01472", "scoring_system": "epss", "scoring_elements": "0.8097", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01472", "scoring_system": "epss", "scoring_elements": "0.80972", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01472", "scoring_system": "epss", "scoring_elements": "0.80903", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01472", "scoring_system": "epss", "scoring_elements": "0.80931", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2014-0066/", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N']" } ], "url": "https://www.postgresql.org/support/security/CVE-2014-0066/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065236", "reference_id": "1065236", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065236" }, { "reference_url": "https://security.gentoo.org/glsa/201408-15", "reference_id": "GLSA-201408-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0211", "reference_id": "RHSA-2014:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0221", "reference_id": "RHSA-2014:0221", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0221" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0249", "reference_id": "RHSA-2014:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0469", "reference_id": "RHSA-2014:0469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0469" }, { "reference_url": "https://usn.ubuntu.com/2120-1/", "reference_id": "USN-2120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2120-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0066" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pvxg-byvu-pbec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3610?format=api", "vulnerability_id": "VCID-reab-s9cu-yudn", "summary": "Potential buffer overruns in datetime input/output.more details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0063.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0063.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0063", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05777", "scoring_system": "epss", "scoring_elements": "0.90446", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.05777", "scoring_system": "epss", "scoring_elements": "0.90458", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.05777", "scoring_system": "epss", "scoring_elements": "0.90442", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.06047", "scoring_system": "epss", "scoring_elements": "0.90732", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.06047", "scoring_system": "epss", "scoring_elements": "0.90741", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.06047", "scoring_system": "epss", "scoring_elements": "0.90738", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.06047", "scoring_system": "epss", "scoring_elements": "0.90757", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.06047", "scoring_system": "epss", "scoring_elements": "0.90754", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.06047", "scoring_system": "epss", "scoring_elements": "0.90752", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.06047", "scoring_system": "epss", "scoring_elements": "0.90715", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.06047", "scoring_system": "epss", "scoring_elements": "0.90726", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0063" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2014-0063/", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N']" } ], "url": "https://www.postgresql.org/support/security/CVE-2014-0063/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065226", "reference_id": "1065226", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065226" }, { "reference_url": "https://security.gentoo.org/glsa/201408-15", "reference_id": "GLSA-201408-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0211", "reference_id": "RHSA-2014:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0221", "reference_id": "RHSA-2014:0221", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0221" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0249", "reference_id": "RHSA-2014:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0469", "reference_id": "RHSA-2014:0469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0469" }, { "reference_url": "https://usn.ubuntu.com/2120-1/", "reference_id": "USN-2120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2120-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0063" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-reab-s9cu-yudn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/8084?format=api", "vulnerability_id": "VCID-vhdm-w6p1-uuh9", "summary": "Session fixation vulnerability via Set-Cookie headers\nThe package rest-client in `abstract_response.rb` improperly handles `Set-Cookie` headers on HTTP redirection responses. Any cookies will be forwarded to the redirection target regardless of domain, path, or expiration. If you control a redirection source, you can cause rest-client to perform a request to any third-party domain with cookies of your choosing, which may be useful in performing a session fixation attack. If you control a redirection target, you can steal any cookies set by the third-party redirection request.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1820.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1820.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1820", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03723", "scoring_system": "epss", "scoring_elements": "0.87939", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03723", "scoring_system": "epss", "scoring_elements": "0.87999", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.03723", "scoring_system": "epss", "scoring_elements": "0.88001", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03723", "scoring_system": "epss", "scoring_elements": "0.87987", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03723", "scoring_system": "epss", "scoring_elements": "0.87995", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03723", "scoring_system": "epss", "scoring_elements": "0.87984", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03723", "scoring_system": "epss", "scoring_elements": "0.87977", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03723", "scoring_system": "epss", "scoring_elements": "0.87956", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03723", "scoring_system": "epss", "scoring_elements": "0.87929", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.03723", "scoring_system": "epss", "scoring_elements": "0.87952", "published_at": "2026-04-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1820" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205291", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1820", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1820" }, { "reference_url": "https://github.com/rest-client/rest-client", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rest-client/rest-client" }, { "reference_url": "https://github.com/rest-client/rest-client/issues/369", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rest-client/rest-client/issues/369" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1820", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1820" }, { "reference_url": "https://rubygems.org/gems/rest-client/versions/1.6.1.a", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rubygems.org/gems/rest-client/versions/1.6.1.a" }, { "reference_url": "https://web.archive.org/web/20200228080106/http://www.securityfocus.com/bid/73295", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228080106/http://www.securityfocus.com/bid/73295" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/03/24/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2015/03/24/3" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781238", "reference_id": "781238", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781238" }, { "reference_url": "https://github.com/advisories/GHSA-3fhf-6939-qg8p", "reference_id": "GHSA-3fhf-6939-qg8p", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3fhf-6939-qg8p" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1313", "reference_id": "RHSA-2021:1313", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1313" } ], "fixed_packages": [], "aliases": [ "CVE-2015-1820", "GHSA-3fhf-6939-qg8p", "OSV-119878" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vhdm-w6p1-uuh9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3613?format=api", "vulnerability_id": "VCID-w518-wkek-97ag", "summary": "SET ROLE bypasses lack of ADMIN OPTION.more details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0060.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0060.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0060", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00518", "scoring_system": "epss", "scoring_elements": "0.66718", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00518", "scoring_system": "epss", "scoring_elements": "0.66744", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00518", "scoring_system": "epss", "scoring_elements": "0.66678", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67794", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67817", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67803", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67769", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67805", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.678", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67728", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.67779", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2014-0060/", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L']" } ], "url": "https://www.postgresql.org/support/security/CVE-2014-0060/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065219", "reference_id": "1065219", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065219" }, { "reference_url": "https://security.gentoo.org/glsa/201408-15", "reference_id": "GLSA-201408-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0211", "reference_id": "RHSA-2014:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0221", "reference_id": "RHSA-2014:0221", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0221" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0249", "reference_id": "RHSA-2014:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0469", "reference_id": "RHSA-2014:0469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0469" }, { "reference_url": "https://usn.ubuntu.com/2120-1/", "reference_id": "USN-2120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2120-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0060" ], "risk_score": 0.9, "exploitability": "0.5", "weighted_severity": "1.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w518-wkek-97ag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86110?format=api", "vulnerability_id": "VCID-wyku-upny-vuhk", "summary": "CFME: dangerous send method in performance.rb", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1317.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1317.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3642.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3642.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3642", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59748", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59602", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59676", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59701", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59671", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59722", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59735", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59754", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59738", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.5972", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59757", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00385", "scoring_system": "epss", "scoring_elements": "0.59764", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3642" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1092894", "reference_id": "1092894", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1092894" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_3.0.1_management_engine:5.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:cloudforms_3.0.1_management_engine:5.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_3.0.1_management_engine:5.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_3.0.2_management_engine:5.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:cloudforms_3.0.2_management_engine:5.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_3.0.2_management_engine:5.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_3.0.3_management_engine:5.2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:cloudforms_3.0.3_management_engine:5.2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_3.0.3_management_engine:5.2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_3.0.4_management_engine:5.2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:cloudforms_3.0.4_management_engine:5.2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_3.0.4_management_engine:5.2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_3.0.5_management_engine:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:cloudforms_3.0.5_management_engine:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_3.0.5_management_engine:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_3.0_management_engine:5.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:cloudforms_3.0_management_engine:5.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms_3.0_management_engine:5.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3642", "reference_id": "CVE-2014-3642", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3642" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1317", "reference_id": "RHSA-2014:1317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1317" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3642" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wyku-upny-vuhk" } ], "fixing_vulnerabilities": [], "risk_score": "4.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/prince@9.0r2-4%3Farch=el6cf" }