Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/ansible@1.5.5%2Bdfsg-1?distro=trixie
Typedeb
Namespacedebian
Nameansible
Version1.5.5+dfsg-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.6.6+dfsg-1
Latest_non_vulnerable_version13.4.0+dfsg-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-c22m-1buy-3uc5
vulnerability_id VCID-c22m-1buy-3uc5
summary The vault subsystem in Ansible before 1.5.5 does not set the umask before creation or modification of a vault file, which allows local users to obtain sensitive key information by reading a file.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4658.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4658.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-4658
reference_id
reference_type
scores
0
value 0.00119
scoring_system epss
scoring_elements 0.30857
published_at 2026-04-13T12:55:00Z
1
value 0.00119
scoring_system epss
scoring_elements 0.30902
published_at 2026-04-12T12:55:00Z
2
value 0.00119
scoring_system epss
scoring_elements 0.30944
published_at 2026-04-11T12:55:00Z
3
value 0.00119
scoring_system epss
scoring_elements 0.30941
published_at 2026-04-09T12:55:00Z
4
value 0.00119
scoring_system epss
scoring_elements 0.3091
published_at 2026-04-08T12:55:00Z
5
value 0.00119
scoring_system epss
scoring_elements 0.30852
published_at 2026-04-07T12:55:00Z
6
value 0.00119
scoring_system epss
scoring_elements 0.31034
published_at 2026-04-04T12:55:00Z
7
value 0.00119
scoring_system epss
scoring_elements 0.30987
published_at 2026-04-02T12:55:00Z
8
value 0.00119
scoring_system epss
scoring_elements 0.30861
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-4658
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4658
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4658
3
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
4
reference_url https://github.com/ansible/ansible/blob/release1.5.5/CHANGELOG.md
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/blob/release1.5.5/CHANGELOG.md
5
reference_url https://github.com/ansible/ansible/commit/a0e027fe362fbc209dbeff2f72d6e95f39885c69
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/a0e027fe362fbc209dbeff2f72d6e95f39885c69
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-200.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-200.yaml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-4658
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-4658
8
reference_url https://web.archive.org/web/20210120133853/https://www.securityfocus.com/bid/68233
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210120133853/https://www.securityfocus.com/bid/68233
9
reference_url https://www.securityfocus.com/bid/68233
reference_id
reference_type
scores
url https://www.securityfocus.com/bid/68233
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1831258
reference_id 1831258
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1831258
11
reference_url https://github.com/advisories/GHSA-5g4v-2pc6-4hh4
reference_id GHSA-5g4v-2pc6-4hh4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5g4v-2pc6-4hh4
fixed_packages
0
url pkg:deb/debian/ansible@1.5.5%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/ansible@1.5.5%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@1.5.5%252Bdfsg-1%3Fdistro=trixie
1
url pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@2.10.7%252Bmerged%252Bbase%252B2.10.17%252Bdfsg-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/ansible@7.7.0%2Bdfsg-3%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ansible@7.7.0%2Bdfsg-3%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@7.7.0%252Bdfsg-3%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/ansible@12.0.0%2Bdfsg-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/ansible@12.0.0%2Bdfsg-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@12.0.0%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/ansible@13.4.0%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/ansible@13.4.0%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@13.4.0%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2014-4658, GHSA-5g4v-2pc6-4hh4, PYSEC-2020-200
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c22m-1buy-3uc5
1
url VCID-jwsu-7znb-kueg
vulnerability_id VCID-jwsu-7znb-kueg
summary Ansible before 1.5.5 constructs filenames containing user and password fields on the basis of deb lines in sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by leveraging existence of a file that uses the "deb http://user:pass@server:port/" format.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-4660
reference_id
reference_type
scores
0
value 0.00119
scoring_system epss
scoring_elements 0.30881
published_at 2026-04-02T12:55:00Z
1
value 0.00119
scoring_system epss
scoring_elements 0.30751
published_at 2026-04-13T12:55:00Z
2
value 0.00119
scoring_system epss
scoring_elements 0.30796
published_at 2026-04-12T12:55:00Z
3
value 0.00119
scoring_system epss
scoring_elements 0.3084
published_at 2026-04-11T12:55:00Z
4
value 0.00119
scoring_system epss
scoring_elements 0.30839
published_at 2026-04-09T12:55:00Z
5
value 0.00119
scoring_system epss
scoring_elements 0.30807
published_at 2026-04-08T12:55:00Z
6
value 0.00119
scoring_system epss
scoring_elements 0.30749
published_at 2026-04-07T12:55:00Z
7
value 0.00119
scoring_system epss
scoring_elements 0.30929
published_at 2026-04-04T12:55:00Z
8
value 0.00119
scoring_system epss
scoring_elements 0.30754
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-4660
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4660
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4660
2
reference_url https://github.com/ansible/ansible/blob/release1.5.5/CHANGELOG.md
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/blob/release1.5.5/CHANGELOG.md
3
reference_url https://github.com/ansible/ansible/commit/c4b5e46054c74176b2446c82d4df1a2610eddc08
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/c4b5e46054c74176b2446c82d4df1a2610eddc08
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-202.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-202.yaml
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-4660
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-4660
6
reference_url https://security-tracker.debian.org/tracker/CVE-2014-4660
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security-tracker.debian.org/tracker/CVE-2014-4660
7
reference_url https://web.archive.org/web/20200229060002/https://www.securityfocus.com/bid/68231
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200229060002/https://www.securityfocus.com/bid/68231
8
reference_url https://www.openwall.com/lists/oss-security/2014/06/26/19
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.openwall.com/lists/oss-security/2014/06/26/19
9
reference_url https://www.securityfocus.com/bid/68231
reference_id
reference_type
scores
url https://www.securityfocus.com/bid/68231
10
reference_url https://github.com/advisories/GHSA-5xm4-jmpw-p6j3
reference_id GHSA-5xm4-jmpw-p6j3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5xm4-jmpw-p6j3
fixed_packages
0
url pkg:deb/debian/ansible@1.5.5%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/ansible@1.5.5%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@1.5.5%252Bdfsg-1%3Fdistro=trixie
1
url pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@2.10.7%252Bmerged%252Bbase%252B2.10.17%252Bdfsg-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/ansible@7.7.0%2Bdfsg-3%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ansible@7.7.0%2Bdfsg-3%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@7.7.0%252Bdfsg-3%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/ansible@12.0.0%2Bdfsg-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/ansible@12.0.0%2Bdfsg-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@12.0.0%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/ansible@13.4.0%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/ansible@13.4.0%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@13.4.0%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2014-4660, GHSA-5xm4-jmpw-p6j3, PYSEC-2020-202
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jwsu-7znb-kueg
2
url VCID-vdyk-rcxz-z7an
vulnerability_id VCID-vdyk-rcxz-z7an
summary The safe_eval function in Ansible before 1.5.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4657.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4657.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-4657
reference_id
reference_type
scores
0
value 0.02239
scoring_system epss
scoring_elements 0.84479
published_at 2026-04-01T12:55:00Z
1
value 0.02239
scoring_system epss
scoring_elements 0.84518
published_at 2026-04-07T12:55:00Z
2
value 0.02239
scoring_system epss
scoring_elements 0.84516
published_at 2026-04-04T12:55:00Z
3
value 0.02239
scoring_system epss
scoring_elements 0.84494
published_at 2026-04-02T12:55:00Z
4
value 0.02239
scoring_system epss
scoring_elements 0.84555
published_at 2026-04-13T12:55:00Z
5
value 0.02239
scoring_system epss
scoring_elements 0.84559
published_at 2026-04-12T12:55:00Z
6
value 0.02239
scoring_system epss
scoring_elements 0.84564
published_at 2026-04-11T12:55:00Z
7
value 0.02239
scoring_system epss
scoring_elements 0.84545
published_at 2026-04-09T12:55:00Z
8
value 0.02239
scoring_system epss
scoring_elements 0.8454
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-4657
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4657
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4657
3
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
4
reference_url https://github.com/ansible/ansible/blob/release1.5.5/CHANGELOG.md
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/blob/release1.5.5/CHANGELOG.md
5
reference_url https://github.com/ansible/ansible/commit/998793fd0ab55705d57527a38cee5e83f535974c
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/998793fd0ab55705d57527a38cee5e83f535974c
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-199.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-199.yaml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-4657
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-4657
8
reference_url https://web.archive.org/web/20210120133852/https://www.securityfocus.com/bid/68232
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20210120133852/https://www.securityfocus.com/bid/68232
9
reference_url https://www.securityfocus.com/bid/68232
reference_id
reference_type
scores
url https://www.securityfocus.com/bid/68232
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1831263
reference_id 1831263
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1831263
11
reference_url https://github.com/advisories/GHSA-qg47-5px9-32g7
reference_id GHSA-qg47-5px9-32g7
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qg47-5px9-32g7
12
reference_url https://security.gentoo.org/glsa/201411-09
reference_id GLSA-201411-09
reference_type
scores
url https://security.gentoo.org/glsa/201411-09
fixed_packages
0
url pkg:deb/debian/ansible@1.5.5%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/ansible@1.5.5%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@1.5.5%252Bdfsg-1%3Fdistro=trixie
1
url pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@2.10.7%252Bmerged%252Bbase%252B2.10.17%252Bdfsg-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/ansible@7.7.0%2Bdfsg-3%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ansible@7.7.0%2Bdfsg-3%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@7.7.0%252Bdfsg-3%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/ansible@12.0.0%2Bdfsg-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/ansible@12.0.0%2Bdfsg-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@12.0.0%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/ansible@13.4.0%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/ansible@13.4.0%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@13.4.0%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2014-4657, GHSA-qg47-5px9-32g7, PYSEC-2020-199
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vdyk-rcxz-z7an
3
url VCID-w6be-213x-1yh3
vulnerability_id VCID-w6be-213x-1yh3
summary Ansible before 1.5.5 sets 0644 permissions for sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by reading a file that uses the "deb http://user:pass@server:port/" format.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4659.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4659.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-4659
reference_id
reference_type
scores
0
value 0.00081
scoring_system epss
scoring_elements 0.23782
published_at 2026-04-13T12:55:00Z
1
value 0.00081
scoring_system epss
scoring_elements 0.23838
published_at 2026-04-12T12:55:00Z
2
value 0.00081
scoring_system epss
scoring_elements 0.23799
published_at 2026-04-01T12:55:00Z
3
value 0.00081
scoring_system epss
scoring_elements 0.23821
published_at 2026-04-08T12:55:00Z
4
value 0.00081
scoring_system epss
scoring_elements 0.2375
published_at 2026-04-07T12:55:00Z
5
value 0.00081
scoring_system epss
scoring_elements 0.23962
published_at 2026-04-04T12:55:00Z
6
value 0.00081
scoring_system epss
scoring_elements 0.23921
published_at 2026-04-02T12:55:00Z
7
value 0.00081
scoring_system epss
scoring_elements 0.23883
published_at 2026-04-11T12:55:00Z
8
value 0.00081
scoring_system epss
scoring_elements 0.23867
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-4659
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4659
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4659
3
reference_url https://github.com/ansible/ansible/blob/release1.5.5/CHANGELOG.md
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/blob/release1.5.5/CHANGELOG.md
4
reference_url https://github.com/ansible/ansible/commit/a0e027fe362fbc209dbeff2f72d6e95f39885c69
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/a0e027fe362fbc209dbeff2f72d6e95f39885c69
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-201.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-201.yaml
6
reference_url https://web.archive.org/web/20200229060001/https://www.securityfocus.com/bid/68234
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200229060001/https://www.securityfocus.com/bid/68234
7
reference_url https://www.securityfocus.com/bid/68234
reference_id
reference_type
scores
url https://www.securityfocus.com/bid/68234
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1831254
reference_id 1831254
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1831254
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-4659
reference_id CVE-2014-4659
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-4659
10
reference_url https://github.com/advisories/GHSA-6667-f46p-pg88
reference_id GHSA-6667-f46p-pg88
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6667-f46p-pg88
fixed_packages
0
url pkg:deb/debian/ansible@1.5.5%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/ansible@1.5.5%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@1.5.5%252Bdfsg-1%3Fdistro=trixie
1
url pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/ansible@2.10.7%2Bmerged%2Bbase%2B2.10.17%2Bdfsg-0%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@2.10.7%252Bmerged%252Bbase%252B2.10.17%252Bdfsg-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/ansible@7.7.0%2Bdfsg-3%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/ansible@7.7.0%2Bdfsg-3%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@7.7.0%252Bdfsg-3%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/ansible@12.0.0%2Bdfsg-0%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/ansible@12.0.0%2Bdfsg-0%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@12.0.0%252Bdfsg-0%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/ansible@13.4.0%2Bdfsg-1?distro=trixie
purl pkg:deb/debian/ansible@13.4.0%2Bdfsg-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@13.4.0%252Bdfsg-1%3Fdistro=trixie
aliases CVE-2014-4659, GHSA-6667-f46p-pg88, PYSEC-2020-201
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w6be-213x-1yh3
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/ansible@1.5.5%252Bdfsg-1%3Fdistro=trixie