Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/dogtag-pki@10.10.2-3?distro=bullseye

Type deb

Namespace debian

Name dogtag-pki

Version 10.10.2-3

Qualifiers

distro	bullseye

Subpath

Is_vulnerable false

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-23u7-hejn-dkdk

vulnerability_id VCID-23u7-hejn-dkdk

summary pki: Dogtag's python client does not validate certificates

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15720.json

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-15720.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-15720

reference_id

reference_type

scores

value	0.00186
scoring_system	epss
scoring_elements	0.40364
published_at	2026-04-01T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.40451
published_at	2026-04-08T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.40477
published_at	2026-04-04T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.404
published_at	2026-04-07T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.40462
published_at	2026-04-09T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.40483
published_at	2026-04-11T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.40445
published_at	2026-04-12T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.40426
published_at	2026-04-13T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.40473
published_at	2026-04-16T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.40442
published_at	2026-04-18T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.40367
published_at	2026-04-21T12:55:00Z

value	0.00186
scoring_system	epss
scoring_elements	0.40258
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-15720

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15720
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15720

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1855273
reference_id	1855273
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1855273

reference_url	https://access.redhat.com/errata/RHSA-2020:4847
reference_id	RHSA-2020:4847
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4847

fixed_packages

url	pkg:deb/debian/dogtag-pki@10.9.1-1?distro=bullseye
purl	pkg:deb/debian/dogtag-pki@10.9.1-1?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/dogtag-pki@10.9.1-1%3Fdistro=bullseye

url	pkg:deb/debian/dogtag-pki@10.10.2-3?distro=bullseye
purl	pkg:deb/debian/dogtag-pki@10.10.2-3?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/dogtag-pki@10.10.2-3%3Fdistro=bullseye

aliases CVE-2020-15720

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-23u7-hejn-dkdk

url VCID-7v3m-meaa-sudu

vulnerability_id VCID-7v3m-meaa-sudu

summary pki-core/pki-kra: Reflected XSS in recoveryID search field at KRA's DRM agent page in authorize recovery tab

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10179.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10179.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-10179

reference_id

reference_type

scores

value	0.00451
scoring_system	epss
scoring_elements	0.63614
published_at	2026-04-01T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.63743
published_at	2026-04-24T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.63729
published_at	2026-04-16T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.63739
published_at	2026-04-18T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.63725
published_at	2026-04-21T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.63673
published_at	2026-04-02T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.637
published_at	2026-04-04T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.6366
published_at	2026-04-07T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.63711
published_at	2026-04-08T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.63728
published_at	2026-04-12T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.63742
published_at	2026-04-11T12:55:00Z

value	0.00451
scoring_system	epss
scoring_elements	0.63694
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-10179

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10179
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10179

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10179
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10179

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1695901
reference_id	1695901
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1695901

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dogtagpki:dogtagpki::::::::
reference_id	cpe:2.3:a:dogtagpki:dogtagpki::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dogtagpki:dogtagpki::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-10179

reference_id

CVE-2019-10179

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-10179

reference_url	https://access.redhat.com/errata/RHSA-2020:4847
reference_id	RHSA-2020:4847
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4847

reference_url	https://access.redhat.com/errata/RHSA-2021:0819
reference_id	RHSA-2021:0819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0819

reference_url	https://access.redhat.com/errata/RHSA-2021:0851
reference_id	RHSA-2021:0851
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0851

reference_url	https://access.redhat.com/errata/RHSA-2021:0975
reference_id	RHSA-2021:0975
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0975

fixed_packages

url	pkg:deb/debian/dogtag-pki@10.9.1-1?distro=bullseye
purl	pkg:deb/debian/dogtag-pki@10.9.1-1?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/dogtag-pki@10.9.1-1%3Fdistro=bullseye

url	pkg:deb/debian/dogtag-pki@10.10.2-3?distro=bullseye
purl	pkg:deb/debian/dogtag-pki@10.10.2-3?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/dogtag-pki@10.10.2-3%3Fdistro=bullseye

aliases CVE-2019-10179

risk_score 2.8

exploitability 0.5

weighted_severity 5.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7v3m-meaa-sudu

url VCID-97tw-ymj8-6bbj

vulnerability_id VCID-97tw-ymj8-6bbj

summary pki-core: Reflected XSS in getcookies?url= endpoint in CA

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10221.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10221.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-10221

reference_id

reference_type

scores

value	0.00694
scoring_system	epss
scoring_elements	0.71847
published_at	2026-04-01T12:55:00Z

value	0.00694
scoring_system	epss
scoring_elements	0.71962
published_at	2026-04-24T12:55:00Z

value	0.00694
scoring_system	epss
scoring_elements	0.71929
published_at	2026-04-16T12:55:00Z

value	0.00694
scoring_system	epss
scoring_elements	0.71934
published_at	2026-04-18T12:55:00Z

value	0.00694
scoring_system	epss
scoring_elements	0.71917
published_at	2026-04-21T12:55:00Z

value	0.00694
scoring_system	epss
scoring_elements	0.71856
published_at	2026-04-02T12:55:00Z

value	0.00694
scoring_system	epss
scoring_elements	0.71875
published_at	2026-04-04T12:55:00Z

value	0.00694
scoring_system	epss
scoring_elements	0.71848
published_at	2026-04-07T12:55:00Z

value	0.00694
scoring_system	epss
scoring_elements	0.71887
published_at	2026-04-13T12:55:00Z

value	0.00694
scoring_system	epss
scoring_elements	0.71898
published_at	2026-04-09T12:55:00Z

value	0.00694
scoring_system	epss
scoring_elements	0.71922
published_at	2026-04-11T12:55:00Z

value	0.00694
scoring_system	epss
scoring_elements	0.71904
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-10221

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10221
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10221

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10221
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10221

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1732565
reference_id	1732565
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1732565

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dogtagpki:dogtagpki::::::::
reference_id	cpe:2.3:a:dogtagpki:dogtagpki::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dogtagpki:dogtagpki::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-10221

reference_id

CVE-2019-10221

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	4.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-10221

reference_url	https://access.redhat.com/errata/RHSA-2020:4847
reference_id	RHSA-2020:4847
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4847

reference_url	https://access.redhat.com/errata/RHSA-2021:0819
reference_id	RHSA-2021:0819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0819

reference_url	https://access.redhat.com/errata/RHSA-2021:0851
reference_id	RHSA-2021:0851
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0851

reference_url	https://access.redhat.com/errata/RHSA-2021:0975
reference_id	RHSA-2021:0975
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0975

fixed_packages

url	pkg:deb/debian/dogtag-pki@10.9.1-1?distro=bullseye
purl	pkg:deb/debian/dogtag-pki@10.9.1-1?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/dogtag-pki@10.9.1-1%3Fdistro=bullseye

url	pkg:deb/debian/dogtag-pki@10.10.2-3?distro=bullseye
purl	pkg:deb/debian/dogtag-pki@10.10.2-3?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/dogtag-pki@10.10.2-3%3Fdistro=bullseye

aliases CVE-2019-10221

risk_score 2.8

exploitability 0.5

weighted_severity 5.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-97tw-ymj8-6bbj

url VCID-9dp1-dh3c-pqga

vulnerability_id VCID-9dp1-dh3c-pqga

summary pki-core: Mishandled ACL configuration in AAclAuthz.java reverses rules that allow and deny access

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1080.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1080.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1080

reference_id

reference_type

scores

value	0.00382
scoring_system	epss
scoring_elements	0.59594
published_at	2026-04-24T12:55:00Z

value	0.00382
scoring_system	epss
scoring_elements	0.596
published_at	2026-04-13T12:55:00Z

value	0.00382
scoring_system	epss
scoring_elements	0.59633
published_at	2026-04-16T12:55:00Z

value	0.00382
scoring_system	epss
scoring_elements	0.5964
published_at	2026-04-18T12:55:00Z

value	0.00382
scoring_system	epss
scoring_elements	0.59624
published_at	2026-04-21T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62812
published_at	2026-04-02T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62806
published_at	2026-04-07T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62857
published_at	2026-04-08T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62874
published_at	2026-04-09T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62891
published_at	2026-04-11T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62881
published_at	2026-04-12T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62754
published_at	2026-04-01T12:55:00Z

value	0.00435
scoring_system	epss
scoring_elements	0.62842
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1080

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1080
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1080

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1080
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1080

reference_url	https://pagure.io/freeipa/issue/7453
reference_id
reference_type
scores
url	https://pagure.io/freeipa/issue/7453

reference_url	https://review.gerrithub.io/c/dogtagpki/pki/+/404435
reference_id
reference_type
scores
url	https://review.gerrithub.io/c/dogtagpki/pki/+/404435

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1556657
reference_id	1556657
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1556657

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893690
reference_id	893690
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=893690

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dogtagpki:dogtagpki::::::::
reference_id	cpe:2.3:a:dogtagpki:dogtagpki::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dogtagpki:dogtagpki::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-1080

reference_id

CVE-2018-1080

reference_type

scores

value	6.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-1080

reference_url	https://access.redhat.com/errata/RHSA-2018:1979
reference_id	RHSA-2018:1979
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:1979

fixed_packages

url	pkg:deb/debian/dogtag-pki@10.6.6-1?distro=bullseye
purl	pkg:deb/debian/dogtag-pki@10.6.6-1?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/dogtag-pki@10.6.6-1%3Fdistro=bullseye

url	pkg:deb/debian/dogtag-pki@10.10.2-3?distro=bullseye
purl	pkg:deb/debian/dogtag-pki@10.10.2-3?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/dogtag-pki@10.10.2-3%3Fdistro=bullseye

aliases CVE-2018-1080

risk_score 3.6

exploitability 0.5

weighted_severity 7.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9dp1-dh3c-pqga

url VCID-pf14-dtsb-ebd2

vulnerability_id VCID-pf14-dtsb-ebd2

summary pki-core: KRA vulnerable to reflected XSS via the getPk12 page

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1721.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-1721.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-1721

reference_id

reference_type

scores

value	0.00746
scoring_system	epss
scoring_elements	0.7301
published_at	2026-04-01T12:55:00Z

value	0.00746
scoring_system	epss
scoring_elements	0.73019
published_at	2026-04-02T12:55:00Z

value	0.00746
scoring_system	epss
scoring_elements	0.7304
published_at	2026-04-04T12:55:00Z

value	0.00746
scoring_system	epss
scoring_elements	0.73015
published_at	2026-04-07T12:55:00Z

value	0.00746
scoring_system	epss
scoring_elements	0.73052
published_at	2026-04-08T12:55:00Z

value	0.00825
scoring_system	epss
scoring_elements	0.7452
published_at	2026-04-24T12:55:00Z

value	0.00825
scoring_system	epss
scoring_elements	0.74486
published_at	2026-04-16T12:55:00Z

value	0.00825
scoring_system	epss
scoring_elements	0.74494
published_at	2026-04-18T12:55:00Z

value	0.00825
scoring_system	epss
scoring_elements	0.74485
published_at	2026-04-21T12:55:00Z

value	0.00825
scoring_system	epss
scoring_elements	0.74449
published_at	2026-04-13T12:55:00Z

value	0.01211
scoring_system	epss
scoring_elements	0.79019
published_at	2026-04-11T12:55:00Z

value	0.01211
scoring_system	epss
scoring_elements	0.79004
published_at	2026-04-12T12:55:00Z

value	0.01211
scoring_system	epss
scoring_elements	0.78994
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-1721

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1721
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1721

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1777579
reference_id	1777579
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1777579

reference_url	https://access.redhat.com/errata/RHSA-2020:4847
reference_id	RHSA-2020:4847
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4847

reference_url	https://access.redhat.com/errata/RHSA-2021:0819
reference_id	RHSA-2021:0819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0819

reference_url	https://access.redhat.com/errata/RHSA-2021:0851
reference_id	RHSA-2021:0851
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0851

reference_url	https://access.redhat.com/errata/RHSA-2021:0975
reference_id	RHSA-2021:0975
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0975

fixed_packages

url	pkg:deb/debian/dogtag-pki@10.9.1-1?distro=bullseye
purl	pkg:deb/debian/dogtag-pki@10.9.1-1?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/dogtag-pki@10.9.1-1%3Fdistro=bullseye

url	pkg:deb/debian/dogtag-pki@10.10.2-3?distro=bullseye
purl	pkg:deb/debian/dogtag-pki@10.10.2-3?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/dogtag-pki@10.10.2-3%3Fdistro=bullseye

aliases CVE-2020-1721

risk_score 1.9

exploitability 0.5

weighted_severity 3.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pf14-dtsb-ebd2

url VCID-qwg3-thj2-tkav

vulnerability_id VCID-qwg3-thj2-tkav

summary pki-core: Reflected XSS in 'path length' constraint field in CA's Agent page

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10146.json

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10146.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-10146

reference_id

reference_type

scores

value	0.00191
scoring_system	epss
scoring_elements	0.40901
published_at	2026-04-01T12:55:00Z

value	0.00191
scoring_system	epss
scoring_elements	0.40805
published_at	2026-04-24T12:55:00Z

value	0.00191
scoring_system	epss
scoring_elements	0.41006
published_at	2026-04-16T12:55:00Z

value	0.00191
scoring_system	epss
scoring_elements	0.40977
published_at	2026-04-18T12:55:00Z

value	0.00191
scoring_system	epss
scoring_elements	0.40898
published_at	2026-04-21T12:55:00Z

value	0.00191
scoring_system	epss
scoring_elements	0.40982
published_at	2026-04-02T12:55:00Z

value	0.00191
scoring_system	epss
scoring_elements	0.41014
published_at	2026-04-04T12:55:00Z

value	0.00191
scoring_system	epss
scoring_elements	0.4094
published_at	2026-04-07T12:55:00Z

value	0.00191
scoring_system	epss
scoring_elements	0.40989
published_at	2026-04-08T12:55:00Z

value	0.00191
scoring_system	epss
scoring_elements	0.40997
published_at	2026-04-09T12:55:00Z

value	0.00191
scoring_system	epss
scoring_elements	0.41015
published_at	2026-04-11T12:55:00Z

value	0.00191
scoring_system	epss
scoring_elements	0.4098
published_at	2026-04-12T12:55:00Z

value	0.00191
scoring_system	epss
scoring_elements	0.40964
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-10146

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10146
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10146

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10146
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10146

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1710171
reference_id	1710171
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1710171

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dogtagpki:dogtagpki::::::::
reference_id	cpe:2.3:a:dogtagpki:dogtagpki::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:dogtagpki:dogtagpki::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-10146

reference_id

CVE-2019-10146

reference_type

scores

value	2.6
scoring_system	cvssv2
scoring_elements	AV:N/AC:H/Au:N/C:N/I:P/A:N

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-10146

reference_url	https://access.redhat.com/errata/RHSA-2020:4847
reference_id	RHSA-2020:4847
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4847

reference_url	https://access.redhat.com/errata/RHSA-2021:0819
reference_id	RHSA-2021:0819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0819

reference_url	https://access.redhat.com/errata/RHSA-2021:0851
reference_id	RHSA-2021:0851
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0851

reference_url	https://access.redhat.com/errata/RHSA-2021:0975
reference_id	RHSA-2021:0975
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0975

fixed_packages

url	pkg:deb/debian/dogtag-pki@10.9.1-1?distro=bullseye
purl	pkg:deb/debian/dogtag-pki@10.9.1-1?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/dogtag-pki@10.9.1-1%3Fdistro=bullseye

url	pkg:deb/debian/dogtag-pki@10.10.2-3?distro=bullseye
purl	pkg:deb/debian/dogtag-pki@10.10.2-3?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/dogtag-pki@10.10.2-3%3Fdistro=bullseye

aliases CVE-2019-10146

risk_score 2.1

exploitability 0.5

weighted_severity 4.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qwg3-thj2-tkav

url VCID-rxue-euzn-nffg

vulnerability_id VCID-rxue-euzn-nffg

summary pki-core: mock CMC authentication plugin with hardcoded secret enabled by default

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7537.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7537.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-7537

reference_id

reference_type

scores

value	0.00125
scoring_system	epss
scoring_elements	0.31735
published_at	2026-04-01T12:55:00Z

value	0.00125
scoring_system	epss
scoring_elements	0.31867
published_at	2026-04-02T12:55:00Z

value	0.00125
scoring_system	epss
scoring_elements	0.31911
published_at	2026-04-04T12:55:00Z

value	0.00125
scoring_system	epss
scoring_elements	0.3173
published_at	2026-04-07T12:55:00Z

value	0.00125
scoring_system	epss
scoring_elements	0.31782
published_at	2026-04-08T12:55:00Z

value	0.00125
scoring_system	epss
scoring_elements	0.31812
published_at	2026-04-09T12:55:00Z

value	0.00125
scoring_system	epss
scoring_elements	0.31815
published_at	2026-04-11T12:55:00Z

value	0.00125
scoring_system	epss
scoring_elements	0.31775
published_at	2026-04-12T12:55:00Z

value	0.00125
scoring_system	epss
scoring_elements	0.3174
published_at	2026-04-13T12:55:00Z

value	0.00125
scoring_system	epss
scoring_elements	0.31772
published_at	2026-04-16T12:55:00Z

value	0.00125
scoring_system	epss
scoring_elements	0.31751
published_at	2026-04-18T12:55:00Z

value	0.00125
scoring_system	epss
scoring_elements	0.3172
published_at	2026-04-21T12:55:00Z

value	0.00125
scoring_system	epss
scoring_elements	0.31549
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-7537

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7537
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7537

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1470817
reference_id	1470817
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1470817

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869261
reference_id	869261
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=869261

reference_url	https://access.redhat.com/errata/RHSA-2017:2335
reference_id	RHSA-2017:2335
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:2335

reference_url	https://usn.ubuntu.com/7146-1/
reference_id	USN-7146-1
reference_type
scores
url	https://usn.ubuntu.com/7146-1/

fixed_packages

url	pkg:deb/debian/dogtag-pki@10.3.5%2B12-5?distro=bullseye
purl	pkg:deb/debian/dogtag-pki@10.3.5%2B12-5?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/dogtag-pki@10.3.5%252B12-5%3Fdistro=bullseye

url	pkg:deb/debian/dogtag-pki@10.10.2-3?distro=bullseye
purl	pkg:deb/debian/dogtag-pki@10.10.2-3?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/dogtag-pki@10.10.2-3%3Fdistro=bullseye

aliases CVE-2017-7537

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rxue-euzn-nffg

url VCID-z6js-5t5m-fka9

vulnerability_id VCID-z6js-5t5m-fka9

summary pki-core: Unprivileged users can renew any certificate

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20179.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20179.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-20179

reference_id

reference_type

scores

value	0.00291
scoring_system	epss
scoring_elements	0.52402
published_at	2026-04-01T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52448
published_at	2026-04-02T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52476
published_at	2026-04-04T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52442
published_at	2026-04-07T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52494
published_at	2026-04-08T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52489
published_at	2026-04-09T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.5254
published_at	2026-04-11T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52523
published_at	2026-04-12T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52507
published_at	2026-04-13T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52546
published_at	2026-04-16T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52551
published_at	2026-04-18T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52535
published_at	2026-04-21T12:55:00Z

value	0.00291
scoring_system	epss
scoring_elements	0.52483
published_at	2026-04-24T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-20179

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20179
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20179

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1914379
reference_id	1914379
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1914379

reference_url	https://access.redhat.com/errata/RHSA-2021:0819
reference_id	RHSA-2021:0819
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0819

reference_url	https://access.redhat.com/errata/RHSA-2021:0851
reference_id	RHSA-2021:0851
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0851

reference_url	https://access.redhat.com/errata/RHSA-2021:0966
reference_id	RHSA-2021:0966
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0966

reference_url	https://access.redhat.com/errata/RHSA-2021:0975
reference_id	RHSA-2021:0975
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0975

reference_url	https://access.redhat.com/errata/RHSA-2021:1263
reference_id	RHSA-2021:1263
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1263

reference_url	https://usn.ubuntu.com/8158-1/
reference_id	USN-8158-1
reference_type
scores
url	https://usn.ubuntu.com/8158-1/

fixed_packages

url	pkg:deb/debian/dogtag-pki@10.10.2-2?distro=bullseye
purl	pkg:deb/debian/dogtag-pki@10.10.2-2?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/dogtag-pki@10.10.2-2%3Fdistro=bullseye

url	pkg:deb/debian/dogtag-pki@10.10.2-3?distro=bullseye
purl	pkg:deb/debian/dogtag-pki@10.10.2-3?distro=bullseye
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/dogtag-pki@10.10.2-3%3Fdistro=bullseye

aliases CVE-2021-20179

risk_score 3.6

exploitability 0.5

weighted_severity 7.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z6js-5t5m-fka9

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/dogtag-pki@10.10.2-3%3Fdistro=bullseye

Package Instance