Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:gem/puppet@2.6
Typegem
Namespace
Namepuppet
Version2.6
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-2jc8-n1j4-m7c6
vulnerability_id VCID-2jc8-n1j4-m7c6
summary 
Puppet Privilege Escallation
The change_user method in the SUIDManager (lib/puppet/util/suidmanager.rb) in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 does not properly manage group privileges, which allows local users to gain privileges via vectors related to (1) the change_user not dropping supplementary groups in certain conditions, (2) changes to the eguid without associated changes to the egid, or (3) the addition of the real gid to supplementary groups.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1053.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1053.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-1053
reference_id
reference_type
scores
0
value 0.00044
scoring_system epss
scoring_elements 0.13362
published_at 2026-04-24T12:55:00Z
1
value 0.00044
scoring_system epss
scoring_elements 0.13389
published_at 2026-04-01T12:55:00Z
2
value 0.00044
scoring_system epss
scoring_elements 0.13489
published_at 2026-04-02T12:55:00Z
3
value 0.00044
scoring_system epss
scoring_elements 0.13551
published_at 2026-04-04T12:55:00Z
4
value 0.00044
scoring_system epss
scoring_elements 0.13348
published_at 2026-04-07T12:55:00Z
5
value 0.00044
scoring_system epss
scoring_elements 0.1343
published_at 2026-04-08T12:55:00Z
6
value 0.00044
scoring_system epss
scoring_elements 0.13479
published_at 2026-04-09T12:55:00Z
7
value 0.00044
scoring_system epss
scoring_elements 0.13453
published_at 2026-04-11T12:55:00Z
8
value 0.00044
scoring_system epss
scoring_elements 0.13418
published_at 2026-04-12T12:55:00Z
9
value 0.00044
scoring_system epss
scoring_elements 0.13372
published_at 2026-04-13T12:55:00Z
10
value 0.00044
scoring_system epss
scoring_elements 0.13279
published_at 2026-04-16T12:55:00Z
11
value 0.00044
scoring_system epss
scoring_elements 0.13277
published_at 2026-04-18T12:55:00Z
12
value 0.00044
scoring_system epss
scoring_elements 0.13357
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-1053
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1053
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1053
3
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/73445
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/73445
4
reference_url https://github.com/puppetlabs/puppet/commit/76d0749f0a9a496b70e7dc7e6d6d6ff692224e36
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/76d0749f0a9a496b70e7dc7e6d6d6ff692224e36
5
reference_url https://hermes.opensuse.org/messages/15087408
reference_id
reference_type
scores
url https://hermes.opensuse.org/messages/15087408
6
reference_url https://lists.opensuse.org/opensuse-security-announce/2012-03/msg00003.html
reference_id
reference_type
scores
url https://lists.opensuse.org/opensuse-security-announce/2012-03/msg00003.html
7
reference_url https://ubuntu.com/usn/usn-1372-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://ubuntu.com/usn/usn-1372-1
8
reference_url https://web.archive.org/web/20120504011717/http://puppetlabs.com/security/cve/cve-2012-1053
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120504011717/http://puppetlabs.com/security/cve/cve-2012-1053
9
reference_url https://web.archive.org/web/20120513215447/http://projects.puppetlabs.com/issues/12458
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120513215447/http://projects.puppetlabs.com/issues/12458
10
reference_url https://web.archive.org/web/20120513215653/http://projects.puppetlabs.com/issues/12457
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120513215653/http://projects.puppetlabs.com/issues/12457
11
reference_url https://web.archive.org/web/20120513223437/http://projects.puppetlabs.com/issues/12459
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120513223437/http://projects.puppetlabs.com/issues/12459
12
reference_url https://web.archive.org/web/20120527071855/http://www.securityfocus.com/bid/52158
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120527071855/http://www.securityfocus.com/bid/52158
13
reference_url https://web.archive.org/web/20120816020421/http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.14
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120816020421/http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.14
14
reference_url https://www.debian.org/security/2012/dsa-2419
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2012/dsa-2419
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=791001
reference_id 791001
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=791001
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-1053
reference_id CVE-2012-1053
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-1053
17
reference_url https://web.archive.org/web/20120504011717/http://puppetlabs.com/security/cve/cve-2012-1053/
reference_id CVE-2012-1053
reference_type
scores
url https://web.archive.org/web/20120504011717/http://puppetlabs.com/security/cve/cve-2012-1053/
18
reference_url https://github.com/advisories/GHSA-77hg-g8cc-5r37
reference_id GHSA-77hg-g8cc-5r37
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-77hg-g8cc-5r37
19
reference_url https://security.gentoo.org/glsa/201203-03
reference_id GLSA-201203-03
reference_type
scores
url https://security.gentoo.org/glsa/201203-03
20
reference_url https://usn.ubuntu.com/1372-1/
reference_id USN-1372-1
reference_type
scores
url https://usn.ubuntu.com/1372-1/
fixed_packages
0
url pkg:gem/puppet@2.6.14
purl pkg:gem/puppet@2.6.14
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jc8-n1j4-m7c6
1
vulnerability VCID-3kma-3ffw-8qd9
2
vulnerability VCID-5g6u-uvej-xbad
3
vulnerability VCID-5qhd-8wfe-27dy
4
vulnerability VCID-75gs-2gu3-6udx
5
vulnerability VCID-7ypq-wmb7-quhc
6
vulnerability VCID-8xgm-pabz-hkeg
7
vulnerability VCID-b94j-dcjk-eqeu
8
vulnerability VCID-h88b-abes-3bgr
9
vulnerability VCID-jhkk-5euf-uked
10
vulnerability VCID-kt2h-k72f-tqc7
11
vulnerability VCID-pdpa-qfpq-zkcq
12
vulnerability VCID-pgg8-9sk2-57ee
13
vulnerability VCID-qdsk-m9ye-z3a4
14
vulnerability VCID-s94z-5sd6-33dk
15
vulnerability VCID-tetf-xa1u-uffv
16
vulnerability VCID-vgbw-4yuu-57fz
17
vulnerability VCID-wage-71h9-6qay
18
vulnerability VCID-ww8x-tzxr-4qbn
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/puppet@2.6.14
1
url pkg:gem/puppet@2.7.11
purl pkg:gem/puppet@2.7.11
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jc8-n1j4-m7c6
1
vulnerability VCID-3kma-3ffw-8qd9
2
vulnerability VCID-5g6u-uvej-xbad
3
vulnerability VCID-5qhd-8wfe-27dy
4
vulnerability VCID-75gs-2gu3-6udx
5
vulnerability VCID-7ypq-wmb7-quhc
6
vulnerability VCID-8xgm-pabz-hkeg
7
vulnerability VCID-b94j-dcjk-eqeu
8
vulnerability VCID-h88b-abes-3bgr
9
vulnerability VCID-jhkk-5euf-uked
10
vulnerability VCID-kt2h-k72f-tqc7
11
vulnerability VCID-pdpa-qfpq-zkcq
12
vulnerability VCID-pgg8-9sk2-57ee
13
vulnerability VCID-qdsk-m9ye-z3a4
14
vulnerability VCID-s94z-5sd6-33dk
15
vulnerability VCID-tetf-xa1u-uffv
16
vulnerability VCID-vgbw-4yuu-57fz
17
vulnerability VCID-wage-71h9-6qay
18
vulnerability VCID-ww8x-tzxr-4qbn
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/puppet@2.7.11
aliases CVE-2012-1053, GHSA-77hg-g8cc-5r37
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2jc8-n1j4-m7c6
1
url VCID-pgg8-9sk2-57ee
vulnerability_id VCID-pgg8-9sk2-57ee
summary 
Low severity vulnerability that affects puppet
telnet.rb in Puppet 2.7.x before 2.7.13 and Puppet Enterprise (PE) 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows local users to overwrite arbitrary files via a symlink attack on the NET::Telnet connection log (/tmp/out.log).
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2012-05/msg00012.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2012-05/msg00012.html
1
reference_url http://projects.puppetlabs.com/issues/13606
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://projects.puppetlabs.com/issues/13606
2
reference_url http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.7.13
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.7.13
3
reference_url http://puppetlabs.com/security/cve/cve-2012-1989
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://puppetlabs.com/security/cve/cve-2012-1989
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1989.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1989.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-1989
reference_id
reference_type
scores
0
value 0.00058
scoring_system epss
scoring_elements 0.18131
published_at 2026-04-24T12:55:00Z
1
value 0.00058
scoring_system epss
scoring_elements 0.18196
published_at 2026-04-07T12:55:00Z
2
value 0.00058
scoring_system epss
scoring_elements 0.1828
published_at 2026-04-08T12:55:00Z
3
value 0.00058
scoring_system epss
scoring_elements 0.18333
published_at 2026-04-09T12:55:00Z
4
value 0.00058
scoring_system epss
scoring_elements 0.18335
published_at 2026-04-11T12:55:00Z
5
value 0.00058
scoring_system epss
scoring_elements 0.18287
published_at 2026-04-12T12:55:00Z
6
value 0.00058
scoring_system epss
scoring_elements 0.18236
published_at 2026-04-13T12:55:00Z
7
value 0.00058
scoring_system epss
scoring_elements 0.18181
published_at 2026-04-16T12:55:00Z
8
value 0.00058
scoring_system epss
scoring_elements 0.18193
published_at 2026-04-18T12:55:00Z
9
value 0.00058
scoring_system epss
scoring_elements 0.18221
published_at 2026-04-21T12:55:00Z
10
value 0.00058
scoring_system epss
scoring_elements 0.18282
published_at 2026-04-01T12:55:00Z
11
value 0.00058
scoring_system epss
scoring_elements 0.18433
published_at 2026-04-02T12:55:00Z
12
value 0.00058
scoring_system epss
scoring_elements 0.18487
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-1989
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1989
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1989
7
reference_url http://secunia.com/advisories/48743
reference_id
reference_type
scores
url http://secunia.com/advisories/48743
8
reference_url http://secunia.com/advisories/48748
reference_id
reference_type
scores
url http://secunia.com/advisories/48748
9
reference_url http://secunia.com/advisories/49136
reference_id
reference_type
scores
url http://secunia.com/advisories/49136
10
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/74797
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/74797
11
reference_url https://github.com/puppetlabs/puppet
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet
12
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2012-1989.yml
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2012-1989.yml
13
reference_url https://hermes.opensuse.org/messages/15087408
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://hermes.opensuse.org/messages/15087408
14
reference_url https://web.archive.org/web/20120415105345/http://www.securityfocus.com/bid/52975
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120415105345/http://www.securityfocus.com/bid/52975
15
reference_url https://www.puppet.com/security/cve/cve-2012-1989-arbitrary-file-write-access
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://www.puppet.com/security/cve/cve-2012-1989-arbitrary-file-write-access
16
reference_url http://ubuntu.com/usn/usn-1419-1
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://ubuntu.com/usn/usn-1419-1
17
reference_url http://www.securityfocus.com/bid/52975
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/52975
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=837339
reference_id 837339
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=837339
19
reference_url http://puppetlabs.com/security/cve/cve-2012-1989/
reference_id CVE-2012-1989
reference_type
scores
url http://puppetlabs.com/security/cve/cve-2012-1989/
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-1989
reference_id CVE-2012-1989
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-1989
21
reference_url https://github.com/advisories/GHSA-c5qq-g673-5p49
reference_id GHSA-c5qq-g673-5p49
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c5qq-g673-5p49
22
reference_url https://security.gentoo.org/glsa/201208-02
reference_id GLSA-201208-02
reference_type
scores
url https://security.gentoo.org/glsa/201208-02
23
reference_url https://usn.ubuntu.com/1419-1/
reference_id USN-1419-1
reference_type
scores
url https://usn.ubuntu.com/1419-1/
fixed_packages
0
url pkg:gem/puppet@2.7.13
purl pkg:gem/puppet@2.7.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jc8-n1j4-m7c6
1
vulnerability VCID-3kma-3ffw-8qd9
2
vulnerability VCID-5g6u-uvej-xbad
3
vulnerability VCID-5qhd-8wfe-27dy
4
vulnerability VCID-75gs-2gu3-6udx
5
vulnerability VCID-7ypq-wmb7-quhc
6
vulnerability VCID-8xgm-pabz-hkeg
7
vulnerability VCID-b94j-dcjk-eqeu
8
vulnerability VCID-h88b-abes-3bgr
9
vulnerability VCID-jhkk-5euf-uked
10
vulnerability VCID-kt2h-k72f-tqc7
11
vulnerability VCID-pdpa-qfpq-zkcq
12
vulnerability VCID-pgg8-9sk2-57ee
13
vulnerability VCID-qdsk-m9ye-z3a4
14
vulnerability VCID-s94z-5sd6-33dk
15
vulnerability VCID-tetf-xa1u-uffv
16
vulnerability VCID-vgbw-4yuu-57fz
17
vulnerability VCID-wage-71h9-6qay
18
vulnerability VCID-ww8x-tzxr-4qbn
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/puppet@2.7.13
aliases CVE-2012-1989, GHSA-c5qq-g673-5p49
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pgg8-9sk2-57ee
2
url VCID-tetf-xa1u-uffv
vulnerability_id VCID-tetf-xa1u-uffv
summary 
Puppet uses predictable filenames, allowing arbitrary file overwrite
Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 uses predictable file names when installing Mac OS X packages from a remote source, which allows local users to overwrite arbitrary files or install arbitrary packages via a symlink attack on a temporary file in /tmp.
references
0
reference_url http://projects.puppetlabs.com/issues/13260
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://projects.puppetlabs.com/issues/13260
1
reference_url http://puppetlabs.com/security/cve/cve-2012-1906
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://puppetlabs.com/security/cve/cve-2012-1906
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1906.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1906.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-1906
reference_id
reference_type
scores
0
value 0.00063
scoring_system epss
scoring_elements 0.19722
published_at 2026-04-18T12:55:00Z
1
value 0.00063
scoring_system epss
scoring_elements 0.1972
published_at 2026-04-16T12:55:00Z
2
value 0.00063
scoring_system epss
scoring_elements 0.19745
published_at 2026-04-13T12:55:00Z
3
value 0.00063
scoring_system epss
scoring_elements 0.19844
published_at 2026-04-09T12:55:00Z
4
value 0.00063
scoring_system epss
scoring_elements 0.19628
published_at 2026-04-24T12:55:00Z
5
value 0.00063
scoring_system epss
scoring_elements 0.19734
published_at 2026-04-21T12:55:00Z
6
value 0.00063
scoring_system epss
scoring_elements 0.19847
published_at 2026-04-11T12:55:00Z
7
value 0.00063
scoring_system epss
scoring_elements 0.19785
published_at 2026-04-01T12:55:00Z
8
value 0.00063
scoring_system epss
scoring_elements 0.19931
published_at 2026-04-02T12:55:00Z
9
value 0.00063
scoring_system epss
scoring_elements 0.19802
published_at 2026-04-12T12:55:00Z
10
value 0.00063
scoring_system epss
scoring_elements 0.19986
published_at 2026-04-04T12:55:00Z
11
value 0.00063
scoring_system epss
scoring_elements 0.19712
published_at 2026-04-07T12:55:00Z
12
value 0.00063
scoring_system epss
scoring_elements 0.19792
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-1906
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1906
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1906
5
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/74793
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/74793
6
reference_url https://github.com/puppetlabs/puppet/commit/f7829ec1f1b2c3def8e0eda09c22c3c1fed3a27f
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/f7829ec1f1b2c3def8e0eda09c22c3c1fed3a27f
7
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2012-1906.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2012-1906.yml
8
reference_url https://ubuntu.com/usn/usn-1419-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://ubuntu.com/usn/usn-1419-1
9
reference_url https://web.archive.org/web/20120415105345/http://www.securityfocus.com/bid/52975
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120415105345/http://www.securityfocus.com/bid/52975
10
reference_url https://www.debian.org/security/2012/dsa-2451
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2012/dsa-2451
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2236311
reference_id 2236311
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2236311
12
reference_url http://puppetlabs.com/security/cve/cve-2012-1906/
reference_id CVE-2012-1906
reference_type
scores
url http://puppetlabs.com/security/cve/cve-2012-1906/
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-1906
reference_id CVE-2012-1906
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-1906
14
reference_url https://github.com/advisories/GHSA-c4mc-49hq-q275
reference_id GHSA-c4mc-49hq-q275
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c4mc-49hq-q275
15
reference_url https://security.gentoo.org/glsa/201208-02
reference_id GLSA-201208-02
reference_type
scores
url https://security.gentoo.org/glsa/201208-02
16
reference_url https://usn.ubuntu.com/1419-1/
reference_id USN-1419-1
reference_type
scores
url https://usn.ubuntu.com/1419-1/
fixed_packages
0
url pkg:gem/puppet@2.6.15
purl pkg:gem/puppet@2.6.15
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jc8-n1j4-m7c6
1
vulnerability VCID-3kma-3ffw-8qd9
2
vulnerability VCID-5g6u-uvej-xbad
3
vulnerability VCID-5qhd-8wfe-27dy
4
vulnerability VCID-75gs-2gu3-6udx
5
vulnerability VCID-7ypq-wmb7-quhc
6
vulnerability VCID-8xgm-pabz-hkeg
7
vulnerability VCID-b94j-dcjk-eqeu
8
vulnerability VCID-h88b-abes-3bgr
9
vulnerability VCID-jhkk-5euf-uked
10
vulnerability VCID-kt2h-k72f-tqc7
11
vulnerability VCID-pdpa-qfpq-zkcq
12
vulnerability VCID-pgg8-9sk2-57ee
13
vulnerability VCID-qdsk-m9ye-z3a4
14
vulnerability VCID-s94z-5sd6-33dk
15
vulnerability VCID-tetf-xa1u-uffv
16
vulnerability VCID-vgbw-4yuu-57fz
17
vulnerability VCID-wage-71h9-6qay
18
vulnerability VCID-ww8x-tzxr-4qbn
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/puppet@2.6.15
1
url pkg:gem/puppet@2.7.13
purl pkg:gem/puppet@2.7.13
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2jc8-n1j4-m7c6
1
vulnerability VCID-3kma-3ffw-8qd9
2
vulnerability VCID-5g6u-uvej-xbad
3
vulnerability VCID-5qhd-8wfe-27dy
4
vulnerability VCID-75gs-2gu3-6udx
5
vulnerability VCID-7ypq-wmb7-quhc
6
vulnerability VCID-8xgm-pabz-hkeg
7
vulnerability VCID-b94j-dcjk-eqeu
8
vulnerability VCID-h88b-abes-3bgr
9
vulnerability VCID-jhkk-5euf-uked
10
vulnerability VCID-kt2h-k72f-tqc7
11
vulnerability VCID-pdpa-qfpq-zkcq
12
vulnerability VCID-pgg8-9sk2-57ee
13
vulnerability VCID-qdsk-m9ye-z3a4
14
vulnerability VCID-s94z-5sd6-33dk
15
vulnerability VCID-tetf-xa1u-uffv
16
vulnerability VCID-vgbw-4yuu-57fz
17
vulnerability VCID-wage-71h9-6qay
18
vulnerability VCID-ww8x-tzxr-4qbn
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/puppet@2.7.13
aliases CVE-2012-1906, GHSA-c4mc-49hq-q275
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tetf-xa1u-uffv
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:gem/puppet@2.6