Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/169156?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/169156?format=api", "purl": "pkg:rpm/redhat/prince@9.0r2-4?arch=el6cf", "type": "rpm", "namespace": "redhat", "name": "prince", "version": "9.0r2-4", "qualifiers": { "arch": "el6cf" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58333?format=api", "vulnerability_id": "VCID-2bem-j76d-3fez", "summary": "Privilege escalation via calls to validator functions.more details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0061.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0061.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0061", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00822", "scoring_system": "epss", "scoring_elements": "0.74784", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00822", "scoring_system": "epss", "scoring_elements": "0.74815", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0061" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2014-0061/", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H']" } ], "url": "https://www.postgresql.org/support/security/CVE-2014-0061/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065220", "reference_id": "1065220", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065220" }, { "reference_url": "https://security.gentoo.org/glsa/201408-15", "reference_id": "GLSA-201408-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0211", "reference_id": "RHSA-2014:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0221", "reference_id": "RHSA-2014:0221", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0221" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0249", "reference_id": "RHSA-2014:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0469", "reference_id": "RHSA-2014:0469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0469" }, { "reference_url": "https://usn.ubuntu.com/2120-1/", "reference_id": "USN-2120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2120-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0061" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2bem-j76d-3fez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37587?format=api", "vulnerability_id": "VCID-3djc-6nq8-43er", "summary": "Possible DoS Vulnerability\nA carefully crafted email address in conjunction with the Action Mailer logger format string could take advantage of a bug in Ruby's sprintf implementation and possibly lead to a denial of service attack. Impacted Ruby code will look something like this: `\"some string #{user_input}\" % some_number`", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00091.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00091.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00094.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00094.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00003.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00003.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4389.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4389.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4389", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.80329", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01333", "scoring_system": "epss", "scoring_elements": "0.80304", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4389" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4389", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4389" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4491", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4491" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6414", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6414" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6415" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6417", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6417" }, { "reference_url": "http://seclists.org/oss-sec/2013/q4/118", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/oss-sec/2013/q4/118" }, { "reference_url": "https://github.com/advisories/GHSA-rg5m-3fqp-6px8", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rg5m-3fqp-6px8" }, { "reference_url": "https://github.com/rails/rails/tree/main/actionmailer", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rails/rails/tree/main/actionmailer" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionmailer/CVE-2013-4389.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionmailer/CVE-2013-4389.yml" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4389", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4389" }, { "reference_url": "https://web.archive.org/web/20201208175929/https://groups.google.com/forum/message/raw?msg=ruby-security-ann/yvlR1Vx44c8/elKJkpO2KVgJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20201208175929/https://groups.google.com/forum/message/raw?msg=ruby-security-ann/yvlR1Vx44c8/elKJkpO2KVgJ" }, { "reference_url": "http://www.debian.org/security/2014/dsa-2887", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2014/dsa-2887" }, { "reference_url": "http://www.debian.org/security/2014/dsa-2888", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2014/dsa-2888" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1013913", "reference_id": "1013913", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1013913" } ], "fixed_packages": [], "aliases": [ "CVE-2013-4389", "GHSA-rg5m-3fqp-6px8", "OSV-98629" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3djc-6nq8-43er" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58330?format=api", "vulnerability_id": "VCID-3ww2-a3u7-4qe2", "summary": "Potential buffer overruns due to integer overflow in size calculations.more details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0064.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0064.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0064", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06674", "scoring_system": "epss", "scoring_elements": "0.91392", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.06674", "scoring_system": "epss", "scoring_elements": "0.91405", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0064" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2014-0064/", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H']" } ], "url": "https://www.postgresql.org/support/security/CVE-2014-0064/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065230", "reference_id": "1065230", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065230" }, { "reference_url": "https://security.gentoo.org/glsa/201408-15", "reference_id": "GLSA-201408-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0211", "reference_id": "RHSA-2014:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0221", "reference_id": "RHSA-2014:0221", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0221" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0249", "reference_id": "RHSA-2014:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0469", "reference_id": "RHSA-2014:0469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0469" }, { "reference_url": "https://usn.ubuntu.com/2120-1/", "reference_id": "USN-2120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2120-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0064" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3ww2-a3u7-4qe2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114047?format=api", "vulnerability_id": "VCID-66k3-q3b9-5yc5", "summary": "CFME: dangerous send method in performance.rb", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3642.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3642.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3642", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00534", "scoring_system": "epss", "scoring_elements": "0.67739", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00534", "scoring_system": "epss", "scoring_elements": "0.67779", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3642" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1092894", "reference_id": "1092894", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1092894" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1317", "reference_id": "RHSA-2014:1317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1317" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3642" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-66k3-q3b9-5yc5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58328?format=api", "vulnerability_id": "VCID-6za2-npa4-kybv", "summary": "Potential null pointer dereference crash when crypt(3) returns NULL.more details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0066.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0066.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0066", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01472", "scoring_system": "epss", "scoring_elements": "0.81273", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01472", "scoring_system": "epss", "scoring_elements": "0.81301", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2014-0066/", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N']" } ], "url": "https://www.postgresql.org/support/security/CVE-2014-0066/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065236", "reference_id": "1065236", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065236" }, { "reference_url": "https://security.gentoo.org/glsa/201408-15", "reference_id": "GLSA-201408-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0211", "reference_id": "RHSA-2014:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0221", "reference_id": "RHSA-2014:0221", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0221" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0249", "reference_id": "RHSA-2014:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0469", "reference_id": "RHSA-2014:0469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0469" }, { "reference_url": "https://usn.ubuntu.com/2120-1/", "reference_id": "USN-2120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2120-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0066" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6za2-npa4-kybv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37769?format=api", "vulnerability_id": "VCID-am86-p4wh-wkh7", "summary": "Arbitrary file existence disclosure\nSpecially crafted requests can be used to determine whether a file exists on the filesystem that is outside an application's root directory. The files will not be served, but attackers can determine whether the file exists.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00103.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00103.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00105.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00105.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00110.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00110.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00111.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-11/msg00111.html" }, { "reference_url": "https://access.redhat.com/errata/RHBA-2015:1100", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHBA-2015:1100" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7819.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7819.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2014-7819", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2014-7819" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7819", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73493", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00748", "scoring_system": "epss", "scoring_elements": "0.73456", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-7819" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1161527", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1161527" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7819", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7819" }, { "reference_url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/doAVp0YaTqY/aHFngBqNBoAJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/doAVp0YaTqY/aHFngBqNBoAJ" }, { "reference_url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/wQBeGXqGs3E/JqUMB6fhh3gJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/wQBeGXqGs3E/JqUMB6fhh3gJ" }, { "reference_url": "https://groups.google.com/forum/#!topic/rubyonrails-security/doAVp0YaTqY", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/#!topic/rubyonrails-security/doAVp0YaTqY" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7819", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-7819" }, { "reference_url": "https://github.com/advisories/GHSA-33pp-3763-mrfp", "reference_id": "GHSA-33pp-3763-mrfp", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-33pp-3763-mrfp" } ], "fixed_packages": [], "aliases": [ "CVE-2014-7819", "GHSA-33pp-3763-mrfp", "OSV-113965" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-am86-p4wh-wkh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37845?format=api", "vulnerability_id": "VCID-ec4f-bg8b-x7ef", "summary": "Log Plaintext Password Local Disclosure\nREST Client for Ruby contains a flaw that is due to the application logging password information in plaintext. This may allow a local attacker to gain access to password information.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00026.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00026.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3448.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3448.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3448", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20559", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20486", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3448" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3448", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3448" }, { "reference_url": "https://github.com/rest-client/rest-client", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rest-client/rest-client" }, { "reference_url": "https://github.com/rest-client/rest-client/issues/349", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rest-client/rest-client/issues/349" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3448", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-3448" }, { "reference_url": "https://web.archive.org/web/20200228154247/http://www.securityfocus.com/bid/74415", "reference_id": "", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228154247/http://www.securityfocus.com/bid/74415" }, { "reference_url": "http://www.osvdb.org/show/osvdb/117461", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.osvdb.org/show/osvdb/117461" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1240982", "reference_id": "1240982", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1240982" }, { "reference_url": "https://github.com/advisories/GHSA-mx9f-w8qq-q5jf", "reference_id": "GHSA-mx9f-w8qq-q5jf", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mx9f-w8qq-q5jf" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1313", "reference_id": "RHSA-2021:1313", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1313" } ], "fixed_packages": [], "aliases": [ "CVE-2015-3448", "GHSA-mx9f-w8qq-q5jf" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ec4f-bg8b-x7ef" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114363?format=api", "vulnerability_id": "VCID-fmxh-yscm-sbhh", "summary": "postgresql: multiple integer overflows in hstore_io.c", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2669.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2669.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2669", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01207", "scoring_system": "epss", "scoring_elements": "0.79293", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01207", "scoring_system": "epss", "scoring_elements": "0.79319", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-2669" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1082154", "reference_id": "1082154", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1082154" }, { "reference_url": "https://security.gentoo.org/glsa/201408-15", "reference_id": "GLSA-201408-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0221", "reference_id": "RHSA-2014:0221", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0221" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0469", "reference_id": "RHSA-2014:0469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0469" } ], "fixed_packages": [], "aliases": [ "CVE-2014-2669" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fmxh-yscm-sbhh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58331?format=api", "vulnerability_id": "VCID-g6kr-y1kz-quhs", "summary": "Potential buffer overruns in datetime input/output.more details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0063.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0063.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0063", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.06047", "scoring_system": "epss", "scoring_elements": "0.9089", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.06047", "scoring_system": "epss", "scoring_elements": "0.90904", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0063" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2014-0063/", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N']" } ], "url": "https://www.postgresql.org/support/security/CVE-2014-0063/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065226", "reference_id": "1065226", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065226" }, { "reference_url": "https://security.gentoo.org/glsa/201408-15", "reference_id": "GLSA-201408-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0211", "reference_id": "RHSA-2014:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0221", "reference_id": "RHSA-2014:0221", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0221" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0249", "reference_id": "RHSA-2014:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0469", "reference_id": "RHSA-2014:0469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0469" }, { "reference_url": "https://usn.ubuntu.com/2120-1/", "reference_id": "USN-2120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2120-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0063" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-g6kr-y1kz-quhs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58329?format=api", "vulnerability_id": "VCID-gbnk-dns7-4fhd", "summary": "Potential buffer overruns of fixed-size buffers.more details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0065.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0065.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0065", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04053", "scoring_system": "epss", "scoring_elements": "0.88722", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.04053", "scoring_system": "epss", "scoring_elements": "0.88739", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0065" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2014-0065/", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N']" } ], "url": "https://www.postgresql.org/support/security/CVE-2014-0065/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065235", "reference_id": "1065235", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065235" }, { "reference_url": "https://security.gentoo.org/glsa/201408-15", "reference_id": "GLSA-201408-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0211", "reference_id": "RHSA-2014:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0221", "reference_id": "RHSA-2014:0221", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0221" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0249", "reference_id": "RHSA-2014:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0469", "reference_id": "RHSA-2014:0469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0469" }, { "reference_url": "https://usn.ubuntu.com/2120-1/", "reference_id": "USN-2120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2120-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0065" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gbnk-dns7-4fhd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37601?format=api", "vulnerability_id": "VCID-hdmz-kfek-eyer", "summary": "Reflective XSS Vulnerability\nWhen a translation is missing, the HTML exception message raised does not escape the keys. Under certain common configurations this string can contain user input which would allow an attacker to execute a reflective XSS attack.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00093.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00093.html" }, { "reference_url": "https://access.redhat.com/errata/RHBA-2015:1100", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHBA-2015:1100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2017:0320", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2017:0320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0380", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0380" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4492.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4492.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2013-4492", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2013-4492" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4492", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.63729", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00445", "scoring_system": "epss", "scoring_elements": "0.6377", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4492" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1039435", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1039435" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4492", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4492" }, { "reference_url": "https://github.com/advisories/GHSA-r5hc-9xx5-97rw", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r5hc-9xx5-97rw" }, { "reference_url": "https://github.com/ruby-i18n/i18n/commit/92b57b1e4f84adcdcc3a375278f299274be62445", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/ruby-i18n/i18n/commit/92b57b1e4f84adcdcc3a375278f299274be62445" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/i18n/CVE-2013-4492.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/i18n/CVE-2013-4492.yml" }, { "reference_url": "https://github.com/svenfuchs/i18n", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/svenfuchs/i18n" }, { "reference_url": "https://github.com/svenfuchs/i18n/commit/92b57b1e4f84adcdcc3a375278f299274be62445", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/svenfuchs/i18n/commit/92b57b1e4f84adcdcc3a375278f299274be62445" }, { "reference_url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/pLrh6DUw998/bLFEyIO4k_EJ", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/pLrh6DUw998/bLFEyIO4k_EJ" }, { "reference_url": "https://groups.google.com/forum/#!topic/ruby-security-ann/pLrh6DUw998", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/#!topic/ruby-security-ann/pLrh6DUw998" }, { "reference_url": "https://web.archive.org/web/20201208125214/https://groups.google.com/forum/message/raw?msg=ruby-security-ann/pLrh6DUw998/bLFEyIO4k_EJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20201208125214/https://groups.google.com/forum/message/raw?msg=ruby-security-ann/pLrh6DUw998/bLFEyIO4k_EJ" }, { "reference_url": "https://web.archive.org/web/20210731082547/http://www.securityfocus.com/bid/64076", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20210731082547/http://www.securityfocus.com/bid/64076" }, { "reference_url": "http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released" }, { "reference_url": "http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released/" }, { "reference_url": "http://www.debian.org/security/2013/dsa-2830", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2013/dsa-2830" }, { "reference_url": "http://www.securityfocus.com/bid/64076", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/64076" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4492", "reference_id": "CVE-2013-4492", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4492" } ], "fixed_packages": [], "aliases": [ "CVE-2013-4492", "GHSA-r5hc-9xx5-97rw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hdmz-kfek-eyer" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/38754?format=api", "vulnerability_id": "VCID-jx3q-cxcq-9bgq", "summary": "Session fixation vulnerability via Set-Cookie headers\nThe package rest-client in `abstract_response.rb` improperly handles `Set-Cookie` headers on HTTP redirection responses. Any cookies will be forwarded to the redirection target regardless of domain, path, or expiration. If you control a redirection source, you can cause rest-client to perform a request to any third-party domain with cookies of your choosing, which may be useful in performing a session fixation attack. If you control a redirection target, you can steal any cookies set by the third-party redirection request.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1820.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1820.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1820", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03723", "scoring_system": "epss", "scoring_elements": "0.88189", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.03723", "scoring_system": "epss", "scoring_elements": "0.88209", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1820" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205291", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205291" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1820", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1820" }, { "reference_url": "https://github.com/rest-client/rest-client", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rest-client/rest-client" }, { "reference_url": "https://github.com/rest-client/rest-client/issues/369", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rest-client/rest-client/issues/369" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1820", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1820" }, { "reference_url": "https://rubygems.org/gems/rest-client/versions/1.6.1.a", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://rubygems.org/gems/rest-client/versions/1.6.1.a" }, { "reference_url": "https://web.archive.org/web/20200228080106/http://www.securityfocus.com/bid/73295", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228080106/http://www.securityfocus.com/bid/73295" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/03/24/3", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2015/03/24/3" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781238", "reference_id": "781238", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=781238" }, { "reference_url": "https://github.com/advisories/GHSA-3fhf-6939-qg8p", "reference_id": "GHSA-3fhf-6939-qg8p", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3fhf-6939-qg8p" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1313", "reference_id": "RHSA-2021:1313", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1313" } ], "fixed_packages": [], "aliases": [ "CVE-2015-1820", "GHSA-3fhf-6939-qg8p", "OSV-119878" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jx3q-cxcq-9bgq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114247?format=api", "vulnerability_id": "VCID-r7qb-9nt4-m7et", "summary": "CFME: multiple authorization bypass vulnerabilities in CatalogController", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0078.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0078.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0078", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00619", "scoring_system": "epss", "scoring_elements": "0.70371", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00619", "scoring_system": "epss", "scoring_elements": "0.70413", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0078" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064556", "reference_id": "1064556", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1064556" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0469", "reference_id": "RHSA-2014:0469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0469" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0078" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r7qb-9nt4-m7et" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58334?format=api", "vulnerability_id": "VCID-tres-k45f-q7aj", "summary": "SET ROLE bypasses lack of ADMIN OPTION.more details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0060.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0060.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0060", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.6812", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.68159", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2014-0060/", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L']" } ], "url": "https://www.postgresql.org/support/security/CVE-2014-0060/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065219", "reference_id": "1065219", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065219" }, { "reference_url": "https://security.gentoo.org/glsa/201408-15", "reference_id": "GLSA-201408-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0211", "reference_id": "RHSA-2014:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0221", "reference_id": "RHSA-2014:0221", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0221" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0249", "reference_id": "RHSA-2014:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0469", "reference_id": "RHSA-2014:0469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0469" }, { "reference_url": "https://usn.ubuntu.com/2120-1/", "reference_id": "USN-2120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2120-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0060" ], "risk_score": 0.9, "exploitability": "0.5", "weighted_severity": "1.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tres-k45f-q7aj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114046?format=api", "vulnerability_id": "VCID-vb9g-cbjt-kybe", "summary": "CFME: default routes expose controllers and actions", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0140.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0140.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0140", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47724", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47787", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0140" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077359", "reference_id": "1077359", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1077359" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1317", "reference_id": "RHSA-2014:1317", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1317" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0140" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vb9g-cbjt-kybe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/114248?format=api", "vulnerability_id": "VCID-ymsu-cyvu-6bdh", "summary": "CFME: ReportController SQL injection", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0137.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0137.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0137", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60361", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0039", "scoring_system": "epss", "scoring_elements": "0.60408", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0137" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1076688", "reference_id": "1076688", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1076688" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0469", "reference_id": "RHSA-2014:0469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0469" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0137" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ymsu-cyvu-6bdh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/37598?format=api", "vulnerability_id": "VCID-z94j-z575-4ydx", "summary": "Incomplete fix to CVE-2013-0155 (Unsafe Query Generation Risk)\nDue to the way that `Rack::Request` and `Rails::Request` interact, it is possible for a 3rd party or custom rack middleware to parse the parameters insecurely and store them in the same key that Rails uses for its own parameters. In the event that happens the application will receive unsafe parameters and could be vulnerable to the earlier vulnerability: it would be possible for an attacker to issue unexpected database queries with `IS NULL` or empty where clauses.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00079.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00079.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00081.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00081.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00082.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00082.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00003.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00003.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-1794.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1794.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-0008.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0008.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-0469.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2014-0469.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6417.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6417.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-6417", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66889", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66848", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-6417" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4389", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4389" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4491", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4491" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6414", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6414" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6415", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6415" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6417", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6417" }, { "reference_url": "http://seclists.org/oss-sec/2013/q4/403", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/oss-sec/2013/q4/403" }, { "reference_url": "https://github.com/rails/rails", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rails/rails" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2013-6417.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2013-6417.yml" }, { "reference_url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/niK4drpSHT4/g8JW8ZsayRkJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/niK4drpSHT4/g8JW8ZsayRkJ" }, { "reference_url": "https://groups.google.com/forum/#!topic/ruby-security-ann/niK4drpSHT4", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/#!topic/ruby-security-ann/niK4drpSHT4" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-6417", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-6417" }, { "reference_url": "https://puppet.com/security/cve/cve-2013-6417", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://puppet.com/security/cve/cve-2013-6417" }, { "reference_url": "https://web.archive.org/web/20160806051251/https://puppet.com/security/cve/cve-2013-6417", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20160806051251/https://puppet.com/security/cve/cve-2013-6417" }, { "reference_url": "http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released" }, { "reference_url": "http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released/" }, { "reference_url": "http://www.debian.org/security/2014/dsa-2888", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2014/dsa-2888" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1036409", "reference_id": "1036409", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1036409" }, { "reference_url": "https://github.com/advisories/GHSA-wpw7-wxjm-cw8r", "reference_id": "GHSA-wpw7-wxjm-cw8r", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wpw7-wxjm-cw8r" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1794", "reference_id": "RHSA-2013:1794", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1794" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0008", "reference_id": "RHSA-2014:0008", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0008" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0469", "reference_id": "RHSA-2014:0469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0469" } ], "fixed_packages": [], "aliases": [ "CVE-2013-6417", "GHSA-wpw7-wxjm-cw8r", "OSV-100527" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z94j-z575-4ydx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58332?format=api", "vulnerability_id": "VCID-zgxv-wbu5-4yg3", "summary": "Race condition in CREATE INDEX allows for privilege escalation.more details", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0062.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0062.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0062", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59905", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00382", "scoring_system": "epss", "scoring_elements": "0.59951", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0062" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0060" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0061" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0062" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0063" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0064" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0065" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0066" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0067" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2669" }, { "reference_url": "https://www.postgresql.org/support/security/CVE-2014-0062/", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "['AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H']" } ], "url": "https://www.postgresql.org/support/security/CVE-2014-0062/" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065222", "reference_id": "1065222", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065222" }, { "reference_url": "https://security.gentoo.org/glsa/201408-15", "reference_id": "GLSA-201408-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201408-15" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0211", "reference_id": "RHSA-2014:0211", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0211" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0221", "reference_id": "RHSA-2014:0221", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0221" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0249", "reference_id": "RHSA-2014:0249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:0469", "reference_id": "RHSA-2014:0469", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:0469" }, { "reference_url": "https://usn.ubuntu.com/2120-1/", "reference_id": "USN-2120-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2120-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0062" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zgxv-wbu5-4yg3" } ], "fixing_vulnerabilities": [], "risk_score": "4.5", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/prince@9.0r2-4%3Farch=el6cf" }