Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/wmi@1.3.14-1?arch=el6cf
Typerpm
Namespaceredhat
Namewmi
Version1.3.14-1
Qualifiers
arch el6cf
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-3djc-6nq8-43er
vulnerability_id VCID-3djc-6nq8-43er
summary 
Possible DoS Vulnerability
A carefully crafted email address in conjunction with the Action Mailer logger format string could take advantage of a bug in Ruby's sprintf implementation and possibly lead to a denial of service attack. Impacted Ruby code will look something like this: `"some string #{user_input}" % some_number`
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2013-12/msg00091.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-12/msg00091.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2013-12/msg00094.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-12/msg00094.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2014-01/msg00003.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2014-01/msg00003.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4389.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4389.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4389
reference_id
reference_type
scores
0
value 0.01333
scoring_system epss
scoring_elements 0.80304
published_at 2026-06-04T12:55:00Z
1
value 0.01333
scoring_system epss
scoring_elements 0.80332
published_at 2026-06-06T12:55:00Z
2
value 0.01333
scoring_system epss
scoring_elements 0.80329
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4389
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4389
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4389
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4491
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4491
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6414
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6414
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6415
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6415
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6417
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6417
10
reference_url http://seclists.org/oss-sec/2013/q4/118
reference_id
reference_type
scores
url http://seclists.org/oss-sec/2013/q4/118
11
reference_url https://github.com/advisories/GHSA-rg5m-3fqp-6px8
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-rg5m-3fqp-6px8
12
reference_url https://github.com/rails/rails/tree/main/actionmailer
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rails/rails/tree/main/actionmailer
13
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionmailer/CVE-2013-4389.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionmailer/CVE-2013-4389.yml
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4389
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4389
15
reference_url https://web.archive.org/web/20201208175929/https://groups.google.com/forum/message/raw?msg=ruby-security-ann/yvlR1Vx44c8/elKJkpO2KVgJ
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20201208175929/https://groups.google.com/forum/message/raw?msg=ruby-security-ann/yvlR1Vx44c8/elKJkpO2KVgJ
16
reference_url http://www.debian.org/security/2014/dsa-2887
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2014/dsa-2887
17
reference_url http://www.debian.org/security/2014/dsa-2888
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2014/dsa-2888
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1013913
reference_id 1013913
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1013913
fixed_packages
aliases CVE-2013-4389, GHSA-rg5m-3fqp-6px8, OSV-98629
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3djc-6nq8-43er
1
url VCID-am86-p4wh-wkh7
vulnerability_id VCID-am86-p4wh-wkh7
summary 
Arbitrary file existence disclosure
Specially crafted requests can be used to determine whether a file exists on the filesystem that is outside an application's root directory. The files will not be served, but attackers can determine whether the file exists.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2014-11/msg00103.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2014-11/msg00103.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2014-11/msg00105.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2014-11/msg00105.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2014-11/msg00110.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2014-11/msg00110.html
3
reference_url http://lists.opensuse.org/opensuse-updates/2014-11/msg00111.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2014-11/msg00111.html
4
reference_url https://access.redhat.com/errata/RHBA-2015:1100
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHBA-2015:1100
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7819.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7819.json
6
reference_url https://access.redhat.com/security/cve/CVE-2014-7819
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2014-7819
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-7819
reference_id
reference_type
scores
0
value 0.00748
scoring_system epss
scoring_elements 0.73498
published_at 2026-06-06T12:55:00Z
1
value 0.00748
scoring_system epss
scoring_elements 0.73456
published_at 2026-06-04T12:55:00Z
2
value 0.00748
scoring_system epss
scoring_elements 0.73493
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-7819
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1161527
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1161527
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7819
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7819
10
reference_url https://groups.google.com/forum/message/raw?msg=rubyonrails-security/doAVp0YaTqY/aHFngBqNBoAJ
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/message/raw?msg=rubyonrails-security/doAVp0YaTqY/aHFngBqNBoAJ
11
reference_url https://groups.google.com/forum/message/raw?msg=rubyonrails-security/wQBeGXqGs3E/JqUMB6fhh3gJ
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/message/raw?msg=rubyonrails-security/wQBeGXqGs3E/JqUMB6fhh3gJ
12
reference_url https://groups.google.com/forum/#!topic/rubyonrails-security/doAVp0YaTqY
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/rubyonrails-security/doAVp0YaTqY
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-7819
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-7819
14
reference_url https://github.com/advisories/GHSA-33pp-3763-mrfp
reference_id GHSA-33pp-3763-mrfp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-33pp-3763-mrfp
fixed_packages
aliases CVE-2014-7819, GHSA-33pp-3763-mrfp, OSV-113965
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-am86-p4wh-wkh7
2
url VCID-ec4f-bg8b-x7ef
vulnerability_id VCID-ec4f-bg8b-x7ef
summary 
Log Plaintext Password Local Disclosure
REST Client for Ruby contains a flaw that is due to the application logging password information in plaintext. This may allow a local attacker to gain access to password information.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2015-04/msg00026.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-04/msg00026.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3448.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3448.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-3448
reference_id
reference_type
scores
0
value 0.00065
scoring_system epss
scoring_elements 0.20545
published_at 2026-06-06T12:55:00Z
1
value 0.00065
scoring_system epss
scoring_elements 0.20486
published_at 2026-06-04T12:55:00Z
2
value 0.00065
scoring_system epss
scoring_elements 0.20559
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-3448
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3448
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3448
4
reference_url https://github.com/rest-client/rest-client
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rest-client/rest-client
5
reference_url https://github.com/rest-client/rest-client/issues/349
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rest-client/rest-client/issues/349
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-3448
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-3448
7
reference_url https://web.archive.org/web/20200228154247/http://www.securityfocus.com/bid/74415
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228154247/http://www.securityfocus.com/bid/74415
8
reference_url http://www.osvdb.org/show/osvdb/117461
reference_id
reference_type
scores
url http://www.osvdb.org/show/osvdb/117461
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1240982
reference_id 1240982
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1240982
10
reference_url https://github.com/advisories/GHSA-mx9f-w8qq-q5jf
reference_id GHSA-mx9f-w8qq-q5jf
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mx9f-w8qq-q5jf
11
reference_url https://access.redhat.com/errata/RHSA-2021:1313
reference_id RHSA-2021:1313
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1313
fixed_packages
aliases CVE-2015-3448, GHSA-mx9f-w8qq-q5jf
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ec4f-bg8b-x7ef
3
url VCID-hdmz-kfek-eyer
vulnerability_id VCID-hdmz-kfek-eyer
summary 
Reflective XSS Vulnerability
When a translation is missing, the HTML exception message raised does not escape the keys. Under certain common configurations this string can contain user input which would allow an attacker to execute a reflective XSS attack.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2013-12/msg00093.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2013-12/msg00093.html
1
reference_url https://access.redhat.com/errata/RHBA-2015:1100
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHBA-2015:1100
2
reference_url https://access.redhat.com/errata/RHSA-2017:0320
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:0320
3
reference_url https://access.redhat.com/errata/RHSA-2018:0380
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0380
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4492.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4492.json
5
reference_url https://access.redhat.com/security/cve/CVE-2013-4492
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2013-4492
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-4492
reference_id
reference_type
scores
0
value 0.00445
scoring_system epss
scoring_elements 0.63729
published_at 2026-06-04T12:55:00Z
1
value 0.00445
scoring_system epss
scoring_elements 0.63778
published_at 2026-06-06T12:55:00Z
2
value 0.00445
scoring_system epss
scoring_elements 0.6377
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-4492
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1039435
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1039435
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4492
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4492
9
reference_url https://github.com/advisories/GHSA-r5hc-9xx5-97rw
reference_id
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-r5hc-9xx5-97rw
10
reference_url https://github.com/ruby-i18n/i18n/commit/92b57b1e4f84adcdcc3a375278f299274be62445
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ruby-i18n/i18n/commit/92b57b1e4f84adcdcc3a375278f299274be62445
11
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/i18n/CVE-2013-4492.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/i18n/CVE-2013-4492.yml
12
reference_url https://github.com/svenfuchs/i18n
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/svenfuchs/i18n
13
reference_url https://github.com/svenfuchs/i18n/commit/92b57b1e4f84adcdcc3a375278f299274be62445
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/svenfuchs/i18n/commit/92b57b1e4f84adcdcc3a375278f299274be62445
14
reference_url https://groups.google.com/forum/message/raw?msg=ruby-security-ann/pLrh6DUw998/bLFEyIO4k_EJ
reference_id
reference_type
scores
url https://groups.google.com/forum/message/raw?msg=ruby-security-ann/pLrh6DUw998/bLFEyIO4k_EJ
15
reference_url https://groups.google.com/forum/#!topic/ruby-security-ann/pLrh6DUw998
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://groups.google.com/forum/#!topic/ruby-security-ann/pLrh6DUw998
16
reference_url https://web.archive.org/web/20201208125214/https://groups.google.com/forum/message/raw?msg=ruby-security-ann/pLrh6DUw998/bLFEyIO4k_EJ
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20201208125214/https://groups.google.com/forum/message/raw?msg=ruby-security-ann/pLrh6DUw998/bLFEyIO4k_EJ
17
reference_url https://web.archive.org/web/20210731082547/http://www.securityfocus.com/bid/64076
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210731082547/http://www.securityfocus.com/bid/64076
18
reference_url http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released
19
reference_url http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released/
reference_id
reference_type
scores
url http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released/
20
reference_url http://www.debian.org/security/2013/dsa-2830
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2013/dsa-2830
21
reference_url http://www.securityfocus.com/bid/64076
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/64076
22
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-4492
reference_id CVE-2013-4492
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-4492
fixed_packages
aliases CVE-2013-4492, GHSA-r5hc-9xx5-97rw
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hdmz-kfek-eyer
4
url VCID-jx3q-cxcq-9bgq
vulnerability_id VCID-jx3q-cxcq-9bgq
summary 
Session fixation vulnerability via Set-Cookie headers
The package rest-client in `abstract_response.rb` improperly handles `Set-Cookie` headers on HTTP redirection responses. Any cookies will be forwarded to the redirection target regardless of domain, path, or expiration. If you control a redirection source, you can cause rest-client to perform a request to any third-party domain with cookies of your choosing, which may be useful in performing a session fixation attack. If you control a redirection target, you can steal any cookies set by the third-party redirection request.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1820.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1820.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-1820
reference_id
reference_type
scores
0
value 0.03723
scoring_system epss
scoring_elements 0.88212
published_at 2026-06-06T12:55:00Z
1
value 0.03723
scoring_system epss
scoring_elements 0.88209
published_at 2026-06-05T12:55:00Z
2
value 0.03723
scoring_system epss
scoring_elements 0.88189
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-1820
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1205291
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1205291
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1820
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1820
4
reference_url https://github.com/rest-client/rest-client
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/rest-client/rest-client
5
reference_url https://github.com/rest-client/rest-client/issues/369
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/rest-client/rest-client/issues/369
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-1820
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-1820
7
reference_url https://rubygems.org/gems/rest-client/versions/1.6.1.a
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://rubygems.org/gems/rest-client/versions/1.6.1.a
8
reference_url https://web.archive.org/web/20200228080106/http://www.securityfocus.com/bid/73295
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228080106/http://www.securityfocus.com/bid/73295
9
reference_url http://www.openwall.com/lists/oss-security/2015/03/24/3
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2015/03/24/3
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781238
reference_id 781238
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781238
11
reference_url https://github.com/advisories/GHSA-3fhf-6939-qg8p
reference_id GHSA-3fhf-6939-qg8p
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3fhf-6939-qg8p
12
reference_url https://access.redhat.com/errata/RHSA-2021:1313
reference_id RHSA-2021:1313
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1313
fixed_packages
aliases CVE-2015-1820, GHSA-3fhf-6939-qg8p, OSV-119878
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jx3q-cxcq-9bgq
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/wmi@1.3.14-1%3Farch=el6cf