Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/390840?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/390840?format=api", "purl": "pkg:apk/alpine/cacti@1.2.26-r0?arch=x86&distroversion=v3.18&reponame=community", "type": "apk", "namespace": "alpine", "name": "cacti", "version": "1.2.26-r0", "qualifiers": { "arch": "x86", "distroversion": "v3.18", "reponame": "community" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51616?format=api", "vulnerability_id": "VCID-34z4-1zqk-afcm", "summary": "Multiple vulnerabilities have been discovered in Cacti, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39515", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49161", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49131", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.4916", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49155", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49181", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49164", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49167", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00258", "scoring_system": "epss", "scoring_elements": "0.49113", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39516", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39516" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/", "reference_id": "CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-06-25T14:25:41Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5550", "reference_id": "dsa-5550", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-06-25T14:25:41Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5550" }, { "reference_url": "https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h", "reference_id": "GHSA-hrg9-qqqx-wc4h", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-06-25T14:25:41Z/" } ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h" }, { "reference_url": "https://security.gentoo.org/glsa/202412-02", "reference_id": "GLSA-202412-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-02" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-06-25T14:25:41Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/", "reference_id": "WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-06-25T14:25:41Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/", "reference_id": "WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-06-25T14:25:41Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390840?format=api", "purl": "pkg:apk/alpine/cacti@1.2.26-r0?arch=x86&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=x86&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2023-39515" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-34z4-1zqk-afcm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51609?format=api", "vulnerability_id": "VCID-5ykb-6nvx-k3e4", "summary": "Multiple vulnerabilities have been discovered in Cacti, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39362", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.87228", "scoring_system": "epss", "scoring_elements": "0.99443", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.87228", "scoring_system": "epss", "scoring_elements": "0.99445", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.87228", "scoring_system": "epss", "scoring_elements": "0.99446", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.87228", "scoring_system": "epss", "scoring_elements": "0.99447", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.87228", "scoring_system": "epss", "scoring_elements": "0.99448", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.87228", "scoring_system": "epss", "scoring_elements": "0.99449", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39516", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39516" }, { "reference_url": "http://packetstormsecurity.com/files/175029/Cacti-1.2.24-Command-Injection.html", "reference_id": "Cacti-1.2.24-Command-Injection.html", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-27T20:32:39Z/" } ], "url": "http://packetstormsecurity.com/files/175029/Cacti-1.2.24-Command-Injection.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/", "reference_id": "CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-27T20:32:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/51740.txt", "reference_id": "CVE-2023-39362", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/51740.txt" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5550", "reference_id": "dsa-5550", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-27T20:32:39Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5550" }, { "reference_url": "https://github.com/Cacti/cacti/security/advisories/GHSA-g6ff-58cj-x3cp", "reference_id": "GHSA-g6ff-58cj-x3cp", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-27T20:32:39Z/" } ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-g6ff-58cj-x3cp" }, { "reference_url": "https://security.gentoo.org/glsa/202412-02", "reference_id": "GLSA-202412-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-02" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-27T20:32:39Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/", "reference_id": "WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-27T20:32:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/", "reference_id": "WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-02-27T20:32:39Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390840?format=api", "purl": "pkg:apk/alpine/cacti@1.2.26-r0?arch=x86&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=x86&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2023-39362" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "6.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5ykb-6nvx-k3e4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/266467?format=api", "vulnerability_id": "VCID-8max-2avj-hkdt", "summary": "Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection (SQLi) vulnerability within the SNMP Notification Receivers feature in the file `‘managers.php’`. An authenticated attacker with the “Settings/Utilities” permission can send a crafted HTTP GET request to the endpoint `‘/cacti/managers.php’` with an SQLi payload in the `‘selected_graphs_array’` HTTP GET parameter. As of time of publication, no patched versions exist.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-51448", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.32076", "scoring_system": "epss", "scoring_elements": "0.96804", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.32076", "scoring_system": "epss", "scoring_elements": "0.96806", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.32076", "scoring_system": "epss", "scoring_elements": "0.96809", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.32076", "scoring_system": "epss", "scoring_elements": "0.96817", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.32076", "scoring_system": "epss", "scoring_elements": "0.96818", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.32076", "scoring_system": "epss", "scoring_elements": "0.9682", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.32076", "scoring_system": "epss", "scoring_elements": "0.96821", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.32076", "scoring_system": "epss", "scoring_elements": "0.96822", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-51448" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390840?format=api", "purl": "pkg:apk/alpine/cacti@1.2.26-r0?arch=x86&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=x86&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2023-51448" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8max-2avj-hkdt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95673?format=api", "vulnerability_id": "VCID-a8j1-24bw-gudu", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39364", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.3773", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37755", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37633", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37684", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37697", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37711", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37676", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00166", "scoring_system": "epss", "scoring_elements": "0.37648", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39516", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39516" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390840?format=api", "purl": "pkg:apk/alpine/cacti@1.2.26-r0?arch=x86&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=x86&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2023-39364" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a8j1-24bw-gudu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95822?format=api", "vulnerability_id": "VCID-akj7-kh8f-97ct", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49088", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0102", "scoring_system": "epss", "scoring_elements": "0.77167", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0102", "scoring_system": "epss", "scoring_elements": "0.77196", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0102", "scoring_system": "epss", "scoring_elements": "0.77177", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0102", "scoring_system": "epss", "scoring_elements": "0.7721", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0102", "scoring_system": "epss", "scoring_elements": "0.77218", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0102", "scoring_system": "epss", "scoring_elements": "0.77246", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0102", "scoring_system": "epss", "scoring_elements": "0.77225", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0102", "scoring_system": "epss", "scoring_elements": "0.77221", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49088" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088" }, { "reference_url": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/data_debug.php", "reference_id": "data_debug.php", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-26T04:00:42Z/" } ], "url": "https://github.com/Cacti/cacti/blob/5f6f65c215d663a775950b2d9db35edbaf07d680/data_debug.php" }, { "reference_url": "https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h", "reference_id": "GHSA-hrg9-qqqx-wc4h", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-26T04:00:42Z/" } ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h" }, { "reference_url": "https://github.com/Cacti/cacti/security/advisories/GHSA-q7g7-gcf6-wh4x", "reference_id": "GHSA-q7g7-gcf6-wh4x", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-26T04:00:42Z/" } ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-q7g7-gcf6-wh4x" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-26T04:00:42Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/", "reference_id": "RBEOAFKRARQHTDIYSL723XAFJ2Q6624X", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-03-26T04:00:42Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBEOAFKRARQHTDIYSL723XAFJ2Q6624X/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390840?format=api", "purl": "pkg:apk/alpine/cacti@1.2.26-r0?arch=x86&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=x86&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2023-49088" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-akj7-kh8f-97ct" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95821?format=api", "vulnerability_id": "VCID-ay5a-nkmf-5yar", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49086", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76305", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76335", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76314", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76347", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76361", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76387", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.76365", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00949", "scoring_system": "epss", "scoring_elements": "0.7636", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49086" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059254", "reference_id": "1059254", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059254" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390840?format=api", "purl": "pkg:apk/alpine/cacti@1.2.26-r0?arch=x86&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=x86&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2023-49086" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ay5a-nkmf-5yar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51607?format=api", "vulnerability_id": "VCID-c2b8-ss11-9yhq", "summary": "Multiple vulnerabilities have been discovered in Cacti, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39360", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00629", "scoring_system": "epss", "scoring_elements": "0.70215", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00629", "scoring_system": "epss", "scoring_elements": "0.70232", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00629", "scoring_system": "epss", "scoring_elements": "0.70209", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00629", "scoring_system": "epss", "scoring_elements": "0.70255", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00629", "scoring_system": "epss", "scoring_elements": "0.7027", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00629", "scoring_system": "epss", "scoring_elements": "0.70294", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00629", "scoring_system": "epss", "scoring_elements": "0.70279", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00629", "scoring_system": "epss", "scoring_elements": "0.70267", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088" }, { "reference_url": "https://security.gentoo.org/glsa/202412-02", "reference_id": "GLSA-202412-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390840?format=api", "purl": "pkg:apk/alpine/cacti@1.2.26-r0?arch=x86&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=x86&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2023-39360" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c2b8-ss11-9yhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95819?format=api", "vulnerability_id": "VCID-d7db-n89n-qyd8", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49084", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.88341", "scoring_system": "epss", "scoring_elements": "0.99488", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.88341", "scoring_system": "epss", "scoring_elements": "0.9949", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.88341", "scoring_system": "epss", "scoring_elements": "0.99492", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.88341", "scoring_system": "epss", "scoring_elements": "0.99493", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.88341", "scoring_system": "epss", "scoring_elements": "0.99494", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.88341", "scoring_system": "epss", "scoring_elements": "0.99495", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49084" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059254", "reference_id": "1059254", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059254" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390840?format=api", "purl": "pkg:apk/alpine/cacti@1.2.26-r0?arch=x86&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=x86&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2023-49084" ], "risk_score": 1.6, "exploitability": "2.0", "weighted_severity": "0.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d7db-n89n-qyd8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51605?format=api", "vulnerability_id": "VCID-d7t8-6cty-sqde", "summary": "Multiple vulnerabilities have been discovered in Cacti, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39358", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03993", "scoring_system": "epss", "scoring_elements": "0.88376", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03993", "scoring_system": "epss", "scoring_elements": "0.88385", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03993", "scoring_system": "epss", "scoring_elements": "0.88389", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03993", "scoring_system": "epss", "scoring_elements": "0.88408", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03993", "scoring_system": "epss", "scoring_elements": "0.88415", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03993", "scoring_system": "epss", "scoring_elements": "0.88425", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03993", "scoring_system": "epss", "scoring_elements": "0.88418", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03993", "scoring_system": "epss", "scoring_elements": "0.88417", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39358" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/", "reference_id": "CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:08:55Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "reference_url": "https://github.com/Cacti/cacti/security/advisories/GHSA-gj95-7xr8-9p7g", "reference_id": "GHSA-gj95-7xr8-9p7g", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:08:55Z/" } ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-gj95-7xr8-9p7g" }, { "reference_url": "https://security.gentoo.org/glsa/202412-02", "reference_id": "GLSA-202412-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-02" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/", "reference_id": "WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:08:55Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/", "reference_id": "WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:08:55Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390840?format=api", "purl": "pkg:apk/alpine/cacti@1.2.26-r0?arch=x86&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=x86&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2023-39358" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d7t8-6cty-sqde" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/266530?format=api", "vulnerability_id": "VCID-du4b-tbxt-mqfr", "summary": "Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability allows an authenticated user to poison data stored in the _cacti_'s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim's browser at view-time. The `data_sources.php` script displays the data source management information (e.g. data source path, polling configuration etc.) for different data visualizations of the _cacti_ app. \nCENSUS found that an adversary that is able to configure a malicious Device name, can deploy a stored XSS attack against any user of the same (or broader) privileges. A user that possesses the _General Administration>Sites/Devices/Data_ permissions can configure the device names in _cacti_. This configuration occurs through `http://<HOST>/cacti/host.php`, while the rendered malicious payload is exhibited at `http://<HOST>/cacti/data_sources.php`. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39366", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58345", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58365", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58339", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58392", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58398", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58415", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58394", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00363", "scoring_system": "epss", "scoring_elements": "0.58375", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39366" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/", "reference_id": "CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:20:41Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5550", "reference_id": "dsa-5550", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:20:41Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5550" }, { "reference_url": "https://github.com/Cacti/cacti/security/advisories/GHSA-rwhh-xxm6-vcrv", "reference_id": "GHSA-rwhh-xxm6-vcrv", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:20:41Z/" } ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-rwhh-xxm6-vcrv" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/", "reference_id": "WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:20:41Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/", "reference_id": "WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:20:41Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390840?format=api", "purl": "pkg:apk/alpine/cacti@1.2.26-r0?arch=x86&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=x86&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2023-39366" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-du4b-tbxt-mqfr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95820?format=api", "vulnerability_id": "VCID-h3qa-svy4-1fcr", "summary": "security update", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49085", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.91404", "scoring_system": "epss", "scoring_elements": "0.99656", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.91404", "scoring_system": "epss", "scoring_elements": "0.99658", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.91404", "scoring_system": "epss", "scoring_elements": "0.99659", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.91404", "scoring_system": "epss", "scoring_elements": "0.9966", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.91404", "scoring_system": "epss", "scoring_elements": "0.99661", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.91404", "scoring_system": "epss", "scoring_elements": "0.99662", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-49085" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390840?format=api", "purl": "pkg:apk/alpine/cacti@1.2.26-r0?arch=x86&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=x86&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2023-49085" ], "risk_score": 1.6, "exploitability": "2.0", "weighted_severity": "0.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h3qa-svy4-1fcr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51611?format=api", "vulnerability_id": "VCID-h6vp-37u4-b7f3", "summary": "Multiple vulnerabilities have been discovered in Cacti, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39510", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65677", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65707", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65672", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65723", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65735", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65757", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65742", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65713", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39510" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/", "reference_id": "CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:21:00Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5550", "reference_id": "dsa-5550", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:21:00Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5550" }, { "reference_url": "https://github.com/Cacti/cacti/security/advisories/GHSA-24w4-4hp2-3j8h", "reference_id": "GHSA-24w4-4hp2-3j8h", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:21:00Z/" } ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-24w4-4hp2-3j8h" }, { "reference_url": "https://security.gentoo.org/glsa/202412-02", "reference_id": "GLSA-202412-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-02" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/", "reference_id": "WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:21:00Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/", "reference_id": "WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:21:00Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390840?format=api", "purl": "pkg:apk/alpine/cacti@1.2.26-r0?arch=x86&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=x86&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2023-39510" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h6vp-37u4-b7f3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51610?format=api", "vulnerability_id": "VCID-huf2-qwju-6bf2", "summary": "Multiple vulnerabilities have been discovered in Cacti, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39365", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38327", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38352", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38217", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38267", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38275", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38294", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38258", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0017", "scoring_system": "epss", "scoring_elements": "0.38234", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39516", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39516" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/", "reference_id": "CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:26:49Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5550", "reference_id": "dsa-5550", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:26:49Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5550" }, { "reference_url": "https://github.com/Cacti/cacti/security/advisories/GHSA-v5w7-hww7-2f22", "reference_id": "GHSA-v5w7-hww7-2f22", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:26:49Z/" } ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-v5w7-hww7-2f22" }, { "reference_url": "https://security.gentoo.org/glsa/202412-02", "reference_id": "GLSA-202412-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-02" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html", "reference_id": "msg00018.html", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:26:49Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00018.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/", "reference_id": "WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:26:49Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/", "reference_id": "WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-13T17:26:49Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390840?format=api", "purl": "pkg:apk/alpine/cacti@1.2.26-r0?arch=x86&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=x86&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2023-39365" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-huf2-qwju-6bf2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/266453?format=api", "vulnerability_id": "VCID-mwbm-aphc-akgu", "summary": "Cacti is an open source operational monitoring and fault management framework. A reflection cross-site scripting vulnerability was discovered in version 1.2.25. Attackers can exploit this vulnerability to perform actions on behalf of other users. The vulnerability is found in `templates_import.php.` When uploading an xml template file, if the XML file does not pass the check, the server will give a JavaScript pop-up prompt, which contains unfiltered xml template file name, resulting in XSS. An attacker exploiting this vulnerability could execute actions on behalf of other users. This ability to impersonate users could lead to unauthorized changes to settings. As of time of publication, no patched versions are available.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50250", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02686", "scoring_system": "epss", "scoring_elements": "0.85793", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02686", "scoring_system": "epss", "scoring_elements": "0.85811", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03596", "scoring_system": "epss", "scoring_elements": "0.87735", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03596", "scoring_system": "epss", "scoring_elements": "0.87756", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03596", "scoring_system": "epss", "scoring_elements": "0.87762", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03596", "scoring_system": "epss", "scoring_elements": "0.87773", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03596", "scoring_system": "epss", "scoring_elements": "0.87768", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03596", "scoring_system": "epss", "scoring_elements": "0.87766", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-50250" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390840?format=api", "purl": "pkg:apk/alpine/cacti@1.2.26-r0?arch=x86&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=x86&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2023-50250" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mwbm-aphc-akgu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51614?format=api", "vulnerability_id": "VCID-pau5-hfbv-nucp", "summary": "Multiple vulnerabilities have been discovered in Cacti, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39513", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52839", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52865", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52832", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52884", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52878", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52928", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52912", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00296", "scoring_system": "epss", "scoring_elements": "0.52895", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39513" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39360" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39513" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49084" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49085" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49086" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-49088" }, { "reference_url": "https://security.gentoo.org/glsa/202412-02", "reference_id": "GLSA-202412-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390840?format=api", "purl": "pkg:apk/alpine/cacti@1.2.26-r0?arch=x86&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=x86&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2023-39513" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pau5-hfbv-nucp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51602?format=api", "vulnerability_id": "VCID-pxqa-nkv3-jqfs", "summary": "Multiple vulnerabilities have been discovered in Cacti, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-30534", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.48534", "scoring_system": "epss", "scoring_elements": "0.97733", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.48534", "scoring_system": "epss", "scoring_elements": "0.97735", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.48534", "scoring_system": "epss", "scoring_elements": "0.9774", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.48534", "scoring_system": "epss", "scoring_elements": "0.97744", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.48534", "scoring_system": "epss", "scoring_elements": "0.97746", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.48534", "scoring_system": "epss", "scoring_elements": "0.97749", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.48534", "scoring_system": "epss", "scoring_elements": "0.9775", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-30534" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30534", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-30534" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/", "reference_id": "CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:08:26Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "reference_url": "https://www.fastly.com/blog/cve-2023-30534-insecure-deserialization-in-cacti-prior-to-1-2-25", "reference_id": "cve-2023-30534-insecure-deserialization-in-cacti-prior-to-1-2-25", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:08:26Z/" } ], "url": "https://www.fastly.com/blog/cve-2023-30534-insecure-deserialization-in-cacti-prior-to-1-2-25" }, { "reference_url": "https://github.com/Cacti/cacti/security/advisories/GHSA-77rf-774j-6h3p", "reference_id": "GHSA-77rf-774j-6h3p", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:08:26Z/" } ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-77rf-774j-6h3p" }, { "reference_url": "https://security.gentoo.org/glsa/202412-02", "reference_id": "GLSA-202412-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-02" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/", "reference_id": "WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:08:26Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/", "reference_id": "WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:08:26Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390840?format=api", "purl": "pkg:apk/alpine/cacti@1.2.26-r0?arch=x86&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=x86&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2023-30534" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pxqa-nkv3-jqfs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51604?format=api", "vulnerability_id": "VCID-sb43-hapb-1uf2", "summary": "Multiple vulnerabilities have been discovered in Cacti, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39357", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03246", "scoring_system": "epss", "scoring_elements": "0.87071", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03246", "scoring_system": "epss", "scoring_elements": "0.8709", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03246", "scoring_system": "epss", "scoring_elements": "0.87083", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03246", "scoring_system": "epss", "scoring_elements": "0.87103", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03246", "scoring_system": "epss", "scoring_elements": "0.87111", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03246", "scoring_system": "epss", "scoring_elements": "0.87124", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03246", "scoring_system": "epss", "scoring_elements": "0.87119", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.03246", "scoring_system": "epss", "scoring_elements": "0.87114", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39516", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39516" }, { "reference_url": "https://security.gentoo.org/glsa/202412-02", "reference_id": "GLSA-202412-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390840?format=api", "purl": "pkg:apk/alpine/cacti@1.2.26-r0?arch=x86&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=x86&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2023-39357" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sb43-hapb-1uf2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51606?format=api", "vulnerability_id": "VCID-vsjt-qjyw-hbfs", "summary": "Multiple vulnerabilities have been discovered in Cacti, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39359", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04724", "scoring_system": "epss", "scoring_elements": "0.89353", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.04724", "scoring_system": "epss", "scoring_elements": "0.89365", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.04724", "scoring_system": "epss", "scoring_elements": "0.89368", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.04724", "scoring_system": "epss", "scoring_elements": "0.89385", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.04724", "scoring_system": "epss", "scoring_elements": "0.89388", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.04724", "scoring_system": "epss", "scoring_elements": "0.89397", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.04724", "scoring_system": "epss", "scoring_elements": "0.89394", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.04724", "scoring_system": "epss", "scoring_elements": "0.8939", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39516", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39516" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/", "reference_id": "CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:20:26Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5550", "reference_id": "dsa-5550", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:20:26Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5550" }, { "reference_url": "https://github.com/Cacti/cacti/security/advisories/GHSA-q4wh-3f9w-836h", "reference_id": "GHSA-q4wh-3f9w-836h", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:20:26Z/" } ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-q4wh-3f9w-836h" }, { "reference_url": "https://security.gentoo.org/glsa/202412-02", "reference_id": "GLSA-202412-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-02" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/", "reference_id": "WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:20:26Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/", "reference_id": "WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:20:26Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390840?format=api", "purl": "pkg:apk/alpine/cacti@1.2.26-r0?arch=x86&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=x86&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2023-39359" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vsjt-qjyw-hbfs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51612?format=api", "vulnerability_id": "VCID-w11p-1pr3-7ybp", "summary": "Multiple vulnerabilities have been discovered in Cacti, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39511", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00561", "scoring_system": "epss", "scoring_elements": "0.68243", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00561", "scoring_system": "epss", "scoring_elements": "0.68262", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00561", "scoring_system": "epss", "scoring_elements": "0.68238", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00561", "scoring_system": "epss", "scoring_elements": "0.68288", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00561", "scoring_system": "epss", "scoring_elements": "0.68304", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00561", "scoring_system": "epss", "scoring_elements": "0.6833", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00561", "scoring_system": "epss", "scoring_elements": "0.68318", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00561", "scoring_system": "epss", "scoring_elements": "0.68285", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39511" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/", "reference_id": "CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T20:03:12Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "reference_url": "https://github.com/Cacti/cacti/security/advisories/GHSA-5hpr-4hhc-8q42", "reference_id": "GHSA-5hpr-4hhc-8q42", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T20:03:12Z/" } ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-5hpr-4hhc-8q42" }, { "reference_url": "https://security.gentoo.org/glsa/202412-02", "reference_id": "GLSA-202412-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-02" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/", "reference_id": "WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T20:03:12Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/", "reference_id": "WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T20:03:12Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390840?format=api", "purl": "pkg:apk/alpine/cacti@1.2.26-r0?arch=x86&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=x86&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2023-39511" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w11p-1pr3-7ybp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51617?format=api", "vulnerability_id": "VCID-ws4h-295a-9qgx", "summary": "Multiple vulnerabilities have been discovered in Cacti, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39516", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51728", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51754", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51714", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51768", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51765", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51815", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51794", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00284", "scoring_system": "epss", "scoring_elements": "0.51778", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39516" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39516", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39516" }, { "reference_url": "https://security.gentoo.org/glsa/202412-02", "reference_id": "GLSA-202412-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-02" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390840?format=api", "purl": "pkg:apk/alpine/cacti@1.2.26-r0?arch=x86&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=x86&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2023-39516" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ws4h-295a-9qgx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/95769?format=api", "vulnerability_id": "VCID-xkkm-ss3p-1udc", "summary": "SQL Injection vulnerability in Cacti v1.2.25 allows a remote attacker to obtain sensitive information via the form_actions() function in the managers.php function.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-46490", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43075", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43124", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43071", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43098", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43037", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.4309", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00207", "scoring_system": "epss", "scoring_elements": "0.43102", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-46490" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46490", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-46490" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059286", "reference_id": "1059286", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1059286" }, { "reference_url": "https://gist.github.com/ISHGARD-2/a95632111138fcd7ccf7432ccb145b53", "reference_id": "a95632111138fcd7ccf7432ccb145b53", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T14:48:55Z/" } ], "url": "https://gist.github.com/ISHGARD-2/a95632111138fcd7ccf7432ccb145b53" }, { "reference_url": "https://github.com/Cacti/cacti/security/advisories/GHSA-f4r3-53jr-654c", "reference_id": "GHSA-f4r3-53jr-654c", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-10T14:48:55Z/" } ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-f4r3-53jr-654c" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390840?format=api", "purl": "pkg:apk/alpine/cacti@1.2.26-r0?arch=x86&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=x86&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2023-46490" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xkkm-ss3p-1udc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51608?format=api", "vulnerability_id": "VCID-ypan-57sx-vyam", "summary": "Multiple vulnerabilities have been discovered in Cacti, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39361", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.92278", "scoring_system": "epss", "scoring_elements": "0.99717", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.92278", "scoring_system": "epss", "scoring_elements": "0.99718", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.92278", "scoring_system": "epss", "scoring_elements": "0.99719", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.92278", "scoring_system": "epss", "scoring_elements": "0.9972", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39357", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39357" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39359", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39359" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39362", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39362" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39365", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39365" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39516", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39516" }, { "reference_url": "https://security.gentoo.org/glsa/202412-02", "reference_id": "GLSA-202412-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-02" }, { "reference_url": "https://usn.ubuntu.com/6720-1/", "reference_id": "USN-6720-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6720-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390840?format=api", "purl": "pkg:apk/alpine/cacti@1.2.26-r0?arch=x86&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=x86&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2023-39361" ], "risk_score": 1.6, "exploitability": "2.0", "weighted_severity": "0.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ypan-57sx-vyam" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51613?format=api", "vulnerability_id": "VCID-zf92-pzgz-dfg7", "summary": "Multiple vulnerabilities have been discovered in Cacti, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39512", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65677", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65707", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65672", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65723", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65735", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65757", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65742", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00493", "scoring_system": "epss", "scoring_elements": "0.65713", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39512" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/", "reference_id": "CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:21:14Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5550", "reference_id": "dsa-5550", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:21:14Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5550" }, { "reference_url": "https://github.com/Cacti/cacti/security/advisories/GHSA-vqcc-5v63-g9q7", "reference_id": "GHSA-vqcc-5v63-g9q7", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:21:14Z/" } ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-vqcc-5v63-g9q7" }, { "reference_url": "https://security.gentoo.org/glsa/202412-02", "reference_id": "GLSA-202412-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-02" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/", "reference_id": "WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:21:14Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/", "reference_id": "WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:21:14Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390840?format=api", "purl": "pkg:apk/alpine/cacti@1.2.26-r0?arch=x86&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=x86&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2023-39512" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zf92-pzgz-dfg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/266496?format=api", "vulnerability_id": "VCID-zkmp-kgyq-tfeh", "summary": "Rejected reason: DO NOT USE THIS CVE RECORD. Consult IDs: CVE-2023-50250. Reason: This record is a reservation duplicate of CVE-2023-50250. Notes: All CVE users should reference CVE-2023-50250 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.", "references": [], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390840?format=api", "purl": "pkg:apk/alpine/cacti@1.2.26-r0?arch=x86&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=x86&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2023-50569" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zkmp-kgyq-tfeh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51615?format=api", "vulnerability_id": "VCID-znew-xktt-p7hy", "summary": "Multiple vulnerabilities have been discovered in Cacti, the worst of which can lead to privilege escalation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39514", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55076", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55101", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55077", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55127", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55126", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55138", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0032", "scoring_system": "epss", "scoring_elements": "0.55118", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-39514" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/", "reference_id": "CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:21:26Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH/" }, { "reference_url": "https://www.debian.org/security/2023/dsa-5550", "reference_id": "dsa-5550", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:21:26Z/" } ], "url": "https://www.debian.org/security/2023/dsa-5550" }, { "reference_url": "https://github.com/Cacti/cacti/security/advisories/GHSA-6hrc-2cfc-8hm7", "reference_id": "GHSA-6hrc-2cfc-8hm7", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:21:26Z/" } ], "url": "https://github.com/Cacti/cacti/security/advisories/GHSA-6hrc-2cfc-8hm7" }, { "reference_url": "https://security.gentoo.org/glsa/202412-02", "reference_id": "GLSA-202412-02", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202412-02" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/", "reference_id": "WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:21:26Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/", "reference_id": "WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:N" }, { "value": "Track*", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-09-26T19:21:26Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/390840?format=api", "purl": "pkg:apk/alpine/cacti@1.2.26-r0?arch=x86&distroversion=v3.18&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=x86&distroversion=v3.18&reponame=community" } ], "aliases": [ "CVE-2023-39514" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-znew-xktt-p7hy" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/cacti@1.2.26-r0%3Farch=x86&distroversion=v3.18&reponame=community" }