Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:rpm/redhat/ruby193-rubygem-xml-simple@1.0.12-10?arch=el6op

Type rpm

Namespace redhat

Name ruby193-rubygem-xml-simple

Version 1.0.12-10

Qualifiers

arch	el6op

Subpath

Is_vulnerable true

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

url VCID-4f3y-uu2b-uqfa

vulnerability_id VCID-4f3y-uu2b-uqfa

summary OpenShift Enterprise and Online vulnerable to CSRF attack with REST API

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0196.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0196.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-0196

reference_id

reference_type

scores

value	0.0011
scoring_system	epss
scoring_elements	0.28884
published_at	2026-06-04T12:55:00Z

value	0.0011
scoring_system	epss
scoring_elements	0.28955
published_at	2026-06-05T12:55:00Z

value	0.0011
scoring_system	epss
scoring_elements	0.28919
published_at	2026-06-06T12:55:00Z

value	0.0011
scoring_system	epss
scoring_elements	0.28883
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-0196

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=901364
reference_id	901364
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=901364

fixed_packages

aliases CVE-2013-0196

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4f3y-uu2b-uqfa

url VCID-8du4-pguk-xufz

vulnerability_id VCID-8du4-pguk-xufz

summary OpenShift: /proc/net/tcp information disclosure

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3602.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3602.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-3602

reference_id

reference_type

scores

value	0.00049
scoring_system	epss
scoring_elements	0.15532
published_at	2026-06-04T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.15614
published_at	2026-06-05T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.15604
published_at	2026-06-06T12:55:00Z

value	0.00049
scoring_system	epss
scoring_elements	0.15564
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-3602

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1131680
reference_id	1131680
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1131680

reference_url	https://access.redhat.com/errata/RHSA-2014:1796
reference_id	RHSA-2014:1796
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1796

reference_url	https://access.redhat.com/errata/RHSA-2014:1906
reference_id	RHSA-2014:1906
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1906

fixed_packages

aliases CVE-2014-3602

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8du4-pguk-xufz

url

VCID-ac75-ed1t-euc4

vulnerability_id

VCID-ac75-ed1t-euc4

summary

XSS exploit of RDoc documentation generated by rdoc
This exploit may lead to cookie disclosure to third parties. The exploit exists in darkfish.js which is copied from the RDoc install location to the generated documentation. RDoc is a static documentation generation tool. Patching the library itself is insufficient to correct this exploit.

references

reference_url

http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00015.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00015.html

reference_url

http://lists.opensuse.org/opensuse-updates/2013-02/msg00048.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-updates/2013-02/msg00048.html

reference_url

http://rhn.redhat.com/errata/RHSA-2013-0686.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2013-0686.html

reference_url

http://rhn.redhat.com/errata/RHSA-2013-0701.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2013-0701.html

reference_url

http://rhn.redhat.com/errata/RHSA-2013-0728.html

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2013-0728.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0256.json

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0256.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-0256

reference_id

reference_type

scores

value	0.02671
scoring_system	epss
scoring_elements	0.86114
published_at	2026-06-07T12:55:00Z

value	0.02671
scoring_system	epss
scoring_elements	0.86094
published_at	2026-06-04T12:55:00Z

value	0.02671
scoring_system	epss
scoring_elements	0.86115
published_at	2026-06-05T12:55:00Z

value	0.02671
scoring_system	epss
scoring_elements	0.86118
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-0256

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=907820

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=907820

reference_url

https://github.com/advisories/GHSA-v2r9-c84j-v7xm

reference_id

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/advisories/GHSA-v2r9-c84j-v7xm

reference_url

https://github.com/rdoc/rdoc

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/rdoc/rdoc

reference_url

https://github.com/rdoc/rdoc/commit/ffa87887ee0517793df7541629a470e331f9fe60

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/rdoc/rdoc/commit/ffa87887ee0517793df7541629a470e331f9fe60

reference_url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rdoc/CVE-2013-0256.yml

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rdoc/CVE-2013-0256.yml

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-0256

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2013-0256

reference_url

https://web.archive.org/web/20130402173730/http://blog.segment7.net:80/2013/02/06/rdoc-xss-vulnerability-cve-2013-0256-releases-3-9-5-3-12-1-4-0-0-rc-2

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20130402173730/http://blog.segment7.net:80/2013/02/06/rdoc-xss-vulnerability-cve-2013-0256-releases-3-9-5-3-12-1-4-0-0-rc-2

reference_url

http://www.ruby-lang.org/en/news/2013/02/06/rdoc-xss-cve-2013-0256

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.ruby-lang.org/en/news/2013/02/06/rdoc-xss-cve-2013-0256

reference_url	http://www.ruby-lang.org/en/news/2013/02/06/rdoc-xss-cve-2013-0256/
reference_id
reference_type
scores
url	http://www.ruby-lang.org/en/news/2013/02/06/rdoc-xss-cve-2013-0256/

reference_url

http://www.ubuntu.com/usn/USN-1733-1

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.ubuntu.com/usn/USN-1733-1

reference_url	https://github.com/rdoc/rdoc/blob/master/CVE-2013-0256.rdoc
reference_id	CVE-2013-0256.RDOC
reference_type
scores
url	https://github.com/rdoc/rdoc/blob/master/CVE-2013-0256.rdoc

reference_url	https://access.redhat.com/errata/RHSA-2013:0686
reference_id	RHSA-2013:0686
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:0686

reference_url	https://access.redhat.com/errata/RHSA-2013:0701
reference_id	RHSA-2013:0701
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:0701

reference_url	https://access.redhat.com/errata/RHSA-2013:0728
reference_id	RHSA-2013:0728
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:0728

reference_url	https://usn.ubuntu.com/1733-1/
reference_id	USN-1733-1
reference_type
scores
url	https://usn.ubuntu.com/1733-1/

fixed_packages

aliases

CVE-2013-0256, GHSA-v2r9-c84j-v7xm, OSV-90004

risk_score

3.1

exploitability

0.5

weighted_severity

6.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-ac75-ed1t-euc4

url

VCID-dmps-nju4-syb1

vulnerability_id

VCID-dmps-nju4-syb1

summary

openshift-origin-broker: default password creation

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0234.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0234.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-0234

reference_id

reference_type

scores

value	0.08806
scoring_system	epss
scoring_elements	0.92673
published_at	2026-06-04T12:55:00Z

value	0.08806
scoring_system	epss
scoring_elements	0.92685
published_at	2026-06-05T12:55:00Z

value	0.08806
scoring_system	epss
scoring_elements	0.92681
published_at	2026-06-06T12:55:00Z

value	0.08806
scoring_system	epss
scoring_elements	0.92676
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-0234

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1097008
reference_id	1097008
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1097008

fixed_packages

aliases

CVE-2014-0234

risk_score

0.1

exploitability

0.5

weighted_severity

0.1

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-dmps-nju4-syb1

url VCID-nfkr-vhvf-j3hz

vulnerability_id VCID-nfkr-vhvf-j3hz

summary mcollective has a default password set at install

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0175.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0175.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-0175

reference_id

reference_type

scores

value	0.00483
scoring_system	epss
scoring_elements	0.65521
published_at	2026-06-04T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65573
published_at	2026-06-07T12:55:00Z

value	0.00483
scoring_system	epss
scoring_elements	0.65584
published_at	2026-06-06T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-0175

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0175
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0175

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1086381
reference_id	1086381
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1086381

fixed_packages

aliases CVE-2014-0175

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nfkr-vhvf-j3hz

url VCID-ww5y-dfs2-ubef

vulnerability_id VCID-ww5y-dfs2-ubef

summary Enterprise: gears fail to properly isolate network traffic

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3674.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3674.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-3674

reference_id

reference_type

scores

value	0.004
scoring_system	epss
scoring_elements	0.61032
published_at	2026-06-04T12:55:00Z

value	0.004
scoring_system	epss
scoring_elements	0.61081
published_at	2026-06-05T12:55:00Z

value	0.004
scoring_system	epss
scoring_elements	0.61088
published_at	2026-06-06T12:55:00Z

value	0.004
scoring_system	epss
scoring_elements	0.61076
published_at	2026-06-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-3674

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1148170
reference_id	1148170
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1148170

reference_url	https://access.redhat.com/errata/RHSA-2014:1796
reference_id	RHSA-2014:1796
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1796

reference_url	https://access.redhat.com/errata/RHSA-2014:1906
reference_id	RHSA-2014:1906
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1906

fixed_packages

aliases CVE-2014-3674

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ww5y-dfs2-ubef

url

VCID-x2kn-aegv-9ya6

vulnerability_id

VCID-x2kn-aegv-9ya6

summary

openshift-origin-node Improper Input Validation vulnerability
Ruby gem openshift-origin-node before 2014-02-14 does not
contain a cronjob timeout which could result in a denial of
service in cron.daily and cron.weekly.

references

reference_url

https://access.redhat.com/errata/RHBA-2014:0487

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHBA-2014:0487

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0084.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0084.json

reference_url

https://access.redhat.com/security/cve/CVE-2014-0084

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2014-0084

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-0084

reference_id

reference_type

scores

value	0.00122
scoring_system	epss
scoring_elements	0.30853
published_at	2026-06-05T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.30785
published_at	2026-06-07T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.3082
published_at	2026-06-06T12:55:00Z

value	0.00122
scoring_system	epss
scoring_elements	0.30781
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-0084

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1065198

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1065198

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0084

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0084

reference_url

https://github.com/openshift/origin-server

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/openshift/origin-server

reference_url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/openshift-origin-node/CVE-2014-0084.yml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/rubysec/ruby-advisory-db/blob/master/gems/openshift-origin-node/CVE-2014-0084.yml

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-0084

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2014-0084

reference_url	https://github.com/advisories/GHSA-756m-3qf2-hp58
reference_id	GHSA-756m-3qf2-hp58
reference_type
scores
url	https://github.com/advisories/GHSA-756m-3qf2-hp58

fixed_packages

aliases

CVE-2014-0084, GHSA-756m-3qf2-hp58

risk_score

3.1

exploitability

0.5

weighted_severity

6.2

resource_url

http://public2.vulnerablecode.io/vulnerabilities/VCID-x2kn-aegv-9ya6

Fixing_vulnerabilities

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ruby193-rubygem-xml-simple@1.0.12-10%3Farch=el6op

Package Instance