Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:ebuild/app-admin/puppet@2.7.11
Typeebuild
Namespaceapp-admin
Namepuppet
Version2.7.11
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.7.13
Latest_non_vulnerable_version2.7.23
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-2jc8-n1j4-m7c6
vulnerability_id VCID-2jc8-n1j4-m7c6
summary 
Puppet Privilege Escallation
The change_user method in the SUIDManager (lib/puppet/util/suidmanager.rb) in Puppet 2.6.x before 2.6.14 and 2.7.x before 2.7.11, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x before 2.0.3 does not properly manage group privileges, which allows local users to gain privileges via vectors related to (1) the change_user not dropping supplementary groups in certain conditions, (2) changes to the eguid without associated changes to the egid, or (3) the addition of the real gid to supplementary groups.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1053.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1053.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-1053
reference_id
reference_type
scores
0
value 0.00044
scoring_system epss
scoring_elements 0.13362
published_at 2026-04-24T12:55:00Z
1
value 0.00044
scoring_system epss
scoring_elements 0.13389
published_at 2026-04-01T12:55:00Z
2
value 0.00044
scoring_system epss
scoring_elements 0.13489
published_at 2026-04-02T12:55:00Z
3
value 0.00044
scoring_system epss
scoring_elements 0.13551
published_at 2026-04-04T12:55:00Z
4
value 0.00044
scoring_system epss
scoring_elements 0.13348
published_at 2026-04-07T12:55:00Z
5
value 0.00044
scoring_system epss
scoring_elements 0.1343
published_at 2026-04-08T12:55:00Z
6
value 0.00044
scoring_system epss
scoring_elements 0.13479
published_at 2026-04-09T12:55:00Z
7
value 0.00044
scoring_system epss
scoring_elements 0.13453
published_at 2026-04-11T12:55:00Z
8
value 0.00044
scoring_system epss
scoring_elements 0.13418
published_at 2026-04-12T12:55:00Z
9
value 0.00044
scoring_system epss
scoring_elements 0.13372
published_at 2026-04-13T12:55:00Z
10
value 0.00044
scoring_system epss
scoring_elements 0.13279
published_at 2026-04-16T12:55:00Z
11
value 0.00044
scoring_system epss
scoring_elements 0.13277
published_at 2026-04-18T12:55:00Z
12
value 0.00044
scoring_system epss
scoring_elements 0.13357
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-1053
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1053
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1053
3
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/73445
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/73445
4
reference_url https://github.com/puppetlabs/puppet/commit/76d0749f0a9a496b70e7dc7e6d6d6ff692224e36
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/76d0749f0a9a496b70e7dc7e6d6d6ff692224e36
5
reference_url https://hermes.opensuse.org/messages/15087408
reference_id
reference_type
scores
url https://hermes.opensuse.org/messages/15087408
6
reference_url https://lists.opensuse.org/opensuse-security-announce/2012-03/msg00003.html
reference_id
reference_type
scores
url https://lists.opensuse.org/opensuse-security-announce/2012-03/msg00003.html
7
reference_url https://ubuntu.com/usn/usn-1372-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://ubuntu.com/usn/usn-1372-1
8
reference_url https://web.archive.org/web/20120504011717/http://puppetlabs.com/security/cve/cve-2012-1053
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120504011717/http://puppetlabs.com/security/cve/cve-2012-1053
9
reference_url https://web.archive.org/web/20120513215447/http://projects.puppetlabs.com/issues/12458
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120513215447/http://projects.puppetlabs.com/issues/12458
10
reference_url https://web.archive.org/web/20120513215653/http://projects.puppetlabs.com/issues/12457
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120513215653/http://projects.puppetlabs.com/issues/12457
11
reference_url https://web.archive.org/web/20120513223437/http://projects.puppetlabs.com/issues/12459
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120513223437/http://projects.puppetlabs.com/issues/12459
12
reference_url https://web.archive.org/web/20120527071855/http://www.securityfocus.com/bid/52158
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120527071855/http://www.securityfocus.com/bid/52158
13
reference_url https://web.archive.org/web/20120816020421/http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.14
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120816020421/http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.14
14
reference_url https://www.debian.org/security/2012/dsa-2419
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2012/dsa-2419
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=791001
reference_id 791001
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=791001
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-1053
reference_id CVE-2012-1053
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-1053
17
reference_url https://web.archive.org/web/20120504011717/http://puppetlabs.com/security/cve/cve-2012-1053/
reference_id CVE-2012-1053
reference_type
scores
url https://web.archive.org/web/20120504011717/http://puppetlabs.com/security/cve/cve-2012-1053/
18
reference_url https://github.com/advisories/GHSA-77hg-g8cc-5r37
reference_id GHSA-77hg-g8cc-5r37
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-77hg-g8cc-5r37
19
reference_url https://security.gentoo.org/glsa/201203-03
reference_id GLSA-201203-03
reference_type
scores
url https://security.gentoo.org/glsa/201203-03
20
reference_url https://usn.ubuntu.com/1372-1/
reference_id USN-1372-1
reference_type
scores
url https://usn.ubuntu.com/1372-1/
fixed_packages
0
url pkg:ebuild/app-admin/puppet@2.7.11
purl pkg:ebuild/app-admin/puppet@2.7.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-admin/puppet@2.7.11
aliases CVE-2012-1053, GHSA-77hg-g8cc-5r37
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2jc8-n1j4-m7c6
1
url VCID-72s2-y7m6-kuf6
vulnerability_id VCID-72s2-y7m6-kuf6
summary 
Multiple vulnerabilities have been found in Puppet, the worst of
    which might allow local attackers to gain escalated privileges.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1054.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1054.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-1054
reference_id
reference_type
scores
0
value 0.00071
scoring_system epss
scoring_elements 0.21599
published_at 2026-04-01T12:55:00Z
1
value 0.00071
scoring_system epss
scoring_elements 0.21772
published_at 2026-04-02T12:55:00Z
2
value 0.00071
scoring_system epss
scoring_elements 0.21826
published_at 2026-04-04T12:55:00Z
3
value 0.00071
scoring_system epss
scoring_elements 0.21579
published_at 2026-04-07T12:55:00Z
4
value 0.00071
scoring_system epss
scoring_elements 0.21656
published_at 2026-04-08T12:55:00Z
5
value 0.00071
scoring_system epss
scoring_elements 0.21713
published_at 2026-04-09T12:55:00Z
6
value 0.00071
scoring_system epss
scoring_elements 0.21724
published_at 2026-04-11T12:55:00Z
7
value 0.00071
scoring_system epss
scoring_elements 0.21685
published_at 2026-04-12T12:55:00Z
8
value 0.00071
scoring_system epss
scoring_elements 0.21628
published_at 2026-04-13T12:55:00Z
9
value 0.00071
scoring_system epss
scoring_elements 0.21627
published_at 2026-04-16T12:55:00Z
10
value 0.00071
scoring_system epss
scoring_elements 0.21634
published_at 2026-04-18T12:55:00Z
11
value 0.00071
scoring_system epss
scoring_elements 0.21602
published_at 2026-04-21T12:55:00Z
12
value 0.00071
scoring_system epss
scoring_elements 0.21454
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-1054
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1054
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1054
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=791002
reference_id 791002
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=791002
4
reference_url https://security.gentoo.org/glsa/201203-03
reference_id GLSA-201203-03
reference_type
scores
url https://security.gentoo.org/glsa/201203-03
5
reference_url https://usn.ubuntu.com/1372-1/
reference_id USN-1372-1
reference_type
scores
url https://usn.ubuntu.com/1372-1/
fixed_packages
0
url pkg:ebuild/app-admin/puppet@2.7.11
purl pkg:ebuild/app-admin/puppet@2.7.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-admin/puppet@2.7.11
aliases CVE-2012-1054
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-72s2-y7m6-kuf6
2
url VCID-a7cn-eqbq-qyb1
vulnerability_id VCID-a7cn-eqbq-qyb1
summary 
Puppet uses predictable filenames, allowing arbitrary file overwrite
Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x, when running in --edit mode, uses a predictable file name, which allows local users to run arbitrary Puppet code or trick a user into editing arbitrary files.
references
0
reference_url http://groups.google.com/group/puppet-announce/browse_thread/thread/91e3b46d2328a1cb
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://groups.google.com/group/puppet-announce/browse_thread/thread/91e3b46d2328a1cb
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068053.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068053.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068061.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068061.html
3
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068093.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068093.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3871.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3871.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-3871
reference_id
reference_type
scores
0
value 0.00042
scoring_system epss
scoring_elements 0.12939
published_at 2026-04-24T12:55:00Z
1
value 0.00042
scoring_system epss
scoring_elements 0.1305
published_at 2026-04-02T12:55:00Z
2
value 0.00042
scoring_system epss
scoring_elements 0.13102
published_at 2026-04-04T12:55:00Z
3
value 0.00042
scoring_system epss
scoring_elements 0.12904
published_at 2026-04-07T12:55:00Z
4
value 0.00042
scoring_system epss
scoring_elements 0.12983
published_at 2026-04-08T12:55:00Z
5
value 0.00042
scoring_system epss
scoring_elements 0.13035
published_at 2026-04-09T12:55:00Z
6
value 0.00042
scoring_system epss
scoring_elements 0.12996
published_at 2026-04-11T12:55:00Z
7
value 0.00042
scoring_system epss
scoring_elements 0.12913
published_at 2026-04-13T12:55:00Z
8
value 0.00042
scoring_system epss
scoring_elements 0.12814
published_at 2026-04-16T12:55:00Z
9
value 0.00042
scoring_system epss
scoring_elements 0.12817
published_at 2026-04-18T12:55:00Z
10
value 0.00042
scoring_system epss
scoring_elements 0.12915
published_at 2026-04-21T12:55:00Z
11
value 0.00042
scoring_system epss
scoring_elements 0.12958
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-3871
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3871
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3871
7
reference_url https://github.com/puppetlabs/puppet
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet
8
reference_url https://github.com/puppetlabs/puppet/commit/343c7bd381b63e042d437111718918f951d9b30d
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/343c7bd381b63e042d437111718918f951d9b30d
9
reference_url https://github.com/puppetlabs/puppet/commit/d76c30935460ded953792dfe49f72b8c5158e899
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/d76c30935460ded953792dfe49f72b8c5158e899
10
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2011-3871.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2011-3871.yml
11
reference_url http://www.debian.org/security/2011/dsa-2314
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2011/dsa-2314
12
reference_url http://www.ubuntu.com/usn/USN-1223-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1223-1
13
reference_url http://www.ubuntu.com/usn/USN-1223-2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1223-2
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=742649
reference_id 742649
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=742649
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-3871
reference_id CVE-2011-3871
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-3871
16
reference_url https://puppet.com/security/cve/cve-2011-3871
reference_id CVE-2011-3871
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://puppet.com/security/cve/cve-2011-3871
17
reference_url https://github.com/advisories/GHSA-mpmx-gm5v-q789
reference_id GHSA-mpmx-gm5v-q789
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mpmx-gm5v-q789
18
reference_url https://security.gentoo.org/glsa/201203-03
reference_id GLSA-201203-03
reference_type
scores
url https://security.gentoo.org/glsa/201203-03
19
reference_url https://usn.ubuntu.com/1223-1/
reference_id USN-1223-1
reference_type
scores
url https://usn.ubuntu.com/1223-1/
fixed_packages
0
url pkg:ebuild/app-admin/puppet@2.7.11
purl pkg:ebuild/app-admin/puppet@2.7.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-admin/puppet@2.7.11
aliases CVE-2011-3871, GHSA-mpmx-gm5v-q789
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a7cn-eqbq-qyb1
3
url VCID-absc-ndrs-yqep
vulnerability_id VCID-absc-ndrs-yqep
summary 
Multiple vulnerabilities have been found in Puppet, the worst of
    which might allow local attackers to gain escalated privileges.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3564.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2009-3564.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-3564
reference_id
reference_type
scores
0
value 0.00053
scoring_system epss
scoring_elements 0.16703
published_at 2026-04-01T12:55:00Z
1
value 0.00053
scoring_system epss
scoring_elements 0.16872
published_at 2026-04-02T12:55:00Z
2
value 0.00053
scoring_system epss
scoring_elements 0.16929
published_at 2026-04-04T12:55:00Z
3
value 0.00053
scoring_system epss
scoring_elements 0.16712
published_at 2026-04-07T12:55:00Z
4
value 0.00053
scoring_system epss
scoring_elements 0.16798
published_at 2026-04-08T12:55:00Z
5
value 0.00053
scoring_system epss
scoring_elements 0.16853
published_at 2026-04-09T12:55:00Z
6
value 0.00053
scoring_system epss
scoring_elements 0.1683
published_at 2026-04-11T12:55:00Z
7
value 0.00053
scoring_system epss
scoring_elements 0.16786
published_at 2026-04-12T12:55:00Z
8
value 0.00053
scoring_system epss
scoring_elements 0.16727
published_at 2026-04-13T12:55:00Z
9
value 0.00053
scoring_system epss
scoring_elements 0.16664
published_at 2026-04-16T12:55:00Z
10
value 0.00053
scoring_system epss
scoring_elements 0.16671
published_at 2026-04-18T12:55:00Z
11
value 0.00053
scoring_system epss
scoring_elements 0.16708
published_at 2026-04-21T12:55:00Z
12
value 0.00053
scoring_system epss
scoring_elements 0.16613
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-3564
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3564
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3564
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=475201
reference_id 475201
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=475201
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551073
reference_id 551073
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=551073
5
reference_url https://security.gentoo.org/glsa/201203-03
reference_id GLSA-201203-03
reference_type
scores
url https://security.gentoo.org/glsa/201203-03
6
reference_url https://usn.ubuntu.com/917-1/
reference_id USN-917-1
reference_type
scores
url https://usn.ubuntu.com/917-1/
fixed_packages
0
url pkg:ebuild/app-admin/puppet@2.7.11
purl pkg:ebuild/app-admin/puppet@2.7.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-admin/puppet@2.7.11
aliases CVE-2009-3564
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-absc-ndrs-yqep
4
url VCID-fdk4-8wtn-nqct
vulnerability_id VCID-fdk4-8wtn-nqct
summary 
Multiple vulnerabilities have been found in Puppet, the worst of
    which might allow local attackers to gain escalated privileges.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3848.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3848.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-3848
reference_id
reference_type
scores
0
value 0.00433
scoring_system epss
scoring_elements 0.62653
published_at 2026-04-01T12:55:00Z
1
value 0.00433
scoring_system epss
scoring_elements 0.62711
published_at 2026-04-02T12:55:00Z
2
value 0.00433
scoring_system epss
scoring_elements 0.62742
published_at 2026-04-04T12:55:00Z
3
value 0.00433
scoring_system epss
scoring_elements 0.62706
published_at 2026-04-07T12:55:00Z
4
value 0.00433
scoring_system epss
scoring_elements 0.62758
published_at 2026-04-08T12:55:00Z
5
value 0.00433
scoring_system epss
scoring_elements 0.62775
published_at 2026-04-09T12:55:00Z
6
value 0.00433
scoring_system epss
scoring_elements 0.62793
published_at 2026-04-11T12:55:00Z
7
value 0.00433
scoring_system epss
scoring_elements 0.62783
published_at 2026-04-12T12:55:00Z
8
value 0.00433
scoring_system epss
scoring_elements 0.6276
published_at 2026-04-13T12:55:00Z
9
value 0.00433
scoring_system epss
scoring_elements 0.62801
published_at 2026-04-16T12:55:00Z
10
value 0.00433
scoring_system epss
scoring_elements 0.62808
published_at 2026-04-18T12:55:00Z
11
value 0.00433
scoring_system epss
scoring_elements 0.62789
published_at 2026-04-21T12:55:00Z
12
value 0.00433
scoring_system epss
scoring_elements 0.62809
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-3848
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3848
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3848
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=742174
reference_id 742174
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=742174
4
reference_url https://security.gentoo.org/glsa/201203-03
reference_id GLSA-201203-03
reference_type
scores
url https://security.gentoo.org/glsa/201203-03
5
reference_url https://usn.ubuntu.com/1217-1/
reference_id USN-1217-1
reference_type
scores
url https://usn.ubuntu.com/1217-1/
fixed_packages
0
url pkg:ebuild/app-admin/puppet@2.7.11
purl pkg:ebuild/app-admin/puppet@2.7.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-admin/puppet@2.7.11
aliases CVE-2011-3848
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fdk4-8wtn-nqct
5
url VCID-jhkk-5euf-uked
vulnerability_id VCID-jhkk-5euf-uked
summary 
Improper Link Resolution Before File Access ('Link Following')
Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to overwrite arbitrary files via a symlink attack on the .k5login file.
references
0
reference_url http://groups.google.com/group/puppet-announce/browse_thread/thread/91e3b46d2328a1cb
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://groups.google.com/group/puppet-announce/browse_thread/thread/91e3b46d2328a1cb
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068053.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068053.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068061.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068061.html
3
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068093.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068093.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3869.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3869.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-3869
reference_id
reference_type
scores
0
value 0.00042
scoring_system epss
scoring_elements 0.128
published_at 2026-04-24T12:55:00Z
1
value 0.00042
scoring_system epss
scoring_elements 0.12951
published_at 2026-04-04T12:55:00Z
2
value 0.00042
scoring_system epss
scoring_elements 0.12754
published_at 2026-04-07T12:55:00Z
3
value 0.00042
scoring_system epss
scoring_elements 0.12834
published_at 2026-04-08T12:55:00Z
4
value 0.00042
scoring_system epss
scoring_elements 0.12885
published_at 2026-04-09T12:55:00Z
5
value 0.00042
scoring_system epss
scoring_elements 0.12851
published_at 2026-04-11T12:55:00Z
6
value 0.00042
scoring_system epss
scoring_elements 0.12813
published_at 2026-04-12T12:55:00Z
7
value 0.00042
scoring_system epss
scoring_elements 0.12768
published_at 2026-04-13T12:55:00Z
8
value 0.00042
scoring_system epss
scoring_elements 0.12671
published_at 2026-04-16T12:55:00Z
9
value 0.00042
scoring_system epss
scoring_elements 0.12678
published_at 2026-04-18T12:55:00Z
10
value 0.00042
scoring_system epss
scoring_elements 0.1278
published_at 2026-04-21T12:55:00Z
11
value 0.00042
scoring_system epss
scoring_elements 0.12803
published_at 2026-04-01T12:55:00Z
12
value 0.00042
scoring_system epss
scoring_elements 0.12901
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-3869
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3869
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3869
7
reference_url https://github.com/puppetlabs/puppet
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet
8
reference_url https://github.com/puppetlabs/puppet/commit/2775c21ae48e189950dbea5e7b4d1d9fa2aca41c
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/2775c21ae48e189950dbea5e7b4d1d9fa2aca41c
9
reference_url https://github.com/puppetlabs/puppet/commit/7d4c169df84fc7bbeb2941bf995a63470f71bdbd
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/7d4c169df84fc7bbeb2941bf995a63470f71bdbd
10
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2011-3869.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2011-3869.yml
11
reference_url http://www.debian.org/security/2011/dsa-2314
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2011/dsa-2314
12
reference_url http://www.ubuntu.com/usn/USN-1223-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1223-1
13
reference_url http://www.ubuntu.com/usn/USN-1223-2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1223-2
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=742645
reference_id 742645
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=742645
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-3869
reference_id CVE-2011-3869
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-3869
16
reference_url https://puppet.com/security/cve/cve-2011-3869
reference_id CVE-2011-3869
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://puppet.com/security/cve/cve-2011-3869
17
reference_url https://github.com/advisories/GHSA-8c56-v25w-f89c
reference_id GHSA-8c56-v25w-f89c
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8c56-v25w-f89c
18
reference_url https://security.gentoo.org/glsa/201203-03
reference_id GLSA-201203-03
reference_type
scores
url https://security.gentoo.org/glsa/201203-03
19
reference_url https://usn.ubuntu.com/1223-1/
reference_id USN-1223-1
reference_type
scores
url https://usn.ubuntu.com/1223-1/
fixed_packages
0
url pkg:ebuild/app-admin/puppet@2.7.11
purl pkg:ebuild/app-admin/puppet@2.7.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-admin/puppet@2.7.11
aliases CVE-2011-3869, GHSA-8c56-v25w-f89c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jhkk-5euf-uked
6
url VCID-txx3-3fzg-33cp
vulnerability_id VCID-txx3-3fzg-33cp
summary 
Improper Link Resolution Before File Access ('Link Following')
Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to modify the permissions of arbitrary files via a symlink attack on the SSH authorized_keys file.
references
0
reference_url http://groups.google.com/group/puppet-announce/browse_thread/thread/91e3b46d2328a1cb
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://groups.google.com/group/puppet-announce/browse_thread/thread/91e3b46d2328a1cb
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068053.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068053.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068061.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068061.html
3
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068093.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068093.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3870.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3870.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-3870
reference_id
reference_type
scores
0
value 0.00033
scoring_system epss
scoring_elements 0.09547
published_at 2026-04-24T12:55:00Z
1
value 0.00033
scoring_system epss
scoring_elements 0.09401
published_at 2026-04-02T12:55:00Z
2
value 0.00033
scoring_system epss
scoring_elements 0.09451
published_at 2026-04-04T12:55:00Z
3
value 0.00033
scoring_system epss
scoring_elements 0.09361
published_at 2026-04-07T12:55:00Z
4
value 0.00033
scoring_system epss
scoring_elements 0.09435
published_at 2026-04-08T12:55:00Z
5
value 0.00033
scoring_system epss
scoring_elements 0.09483
published_at 2026-04-09T12:55:00Z
6
value 0.00033
scoring_system epss
scoring_elements 0.09496
published_at 2026-04-21T12:55:00Z
7
value 0.00033
scoring_system epss
scoring_elements 0.09469
published_at 2026-04-12T12:55:00Z
8
value 0.00033
scoring_system epss
scoring_elements 0.09452
published_at 2026-04-13T12:55:00Z
9
value 0.00033
scoring_system epss
scoring_elements 0.09344
published_at 2026-04-16T12:55:00Z
10
value 0.00033
scoring_system epss
scoring_elements 0.09345
published_at 2026-04-18T12:55:00Z
11
value 0.00033
scoring_system epss
scoring_elements 0.09397
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-3870
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3870
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3870
7
reference_url https://github.com/puppetlabs/puppet
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet
8
reference_url https://github.com/puppetlabs/puppet/commit/88512e880bd2a03694b5fef42540dc7b3da05d30
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/88512e880bd2a03694b5fef42540dc7b3da05d30
9
reference_url https://github.com/puppetlabs/puppet/commit/b29b1785d543a3cea961fffa9b3c15f14ab7cce0
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/b29b1785d543a3cea961fffa9b3c15f14ab7cce0
10
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2011-3870.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2011-3870.yml
11
reference_url http://www.debian.org/security/2011/dsa-2314
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2011/dsa-2314
12
reference_url http://www.ubuntu.com/usn/USN-1223-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1223-1
13
reference_url http://www.ubuntu.com/usn/USN-1223-2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1223-2
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=742644
reference_id 742644
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=742644
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-3870
reference_id CVE-2011-3870
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-3870
16
reference_url https://puppet.com/security/cve/cve-2011-3870
reference_id CVE-2011-3870
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://puppet.com/security/cve/cve-2011-3870
17
reference_url https://github.com/advisories/GHSA-qh3g-27jf-3j54
reference_id GHSA-qh3g-27jf-3j54
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qh3g-27jf-3j54
18
reference_url https://security.gentoo.org/glsa/201203-03
reference_id GLSA-201203-03
reference_type
scores
url https://security.gentoo.org/glsa/201203-03
19
reference_url https://usn.ubuntu.com/1223-1/
reference_id USN-1223-1
reference_type
scores
url https://usn.ubuntu.com/1223-1/
fixed_packages
0
url pkg:ebuild/app-admin/puppet@2.7.11
purl pkg:ebuild/app-admin/puppet@2.7.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-admin/puppet@2.7.11
aliases CVE-2011-3870, GHSA-qh3g-27jf-3j54
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-txx3-3fzg-33cp
7
url VCID-vrzs-81t1-jyax
vulnerability_id VCID-vrzs-81t1-jyax
summary 
Multiple vulnerabilities have been found in Puppet, the worst of
    which might allow local attackers to gain escalated privileges.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3872.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3872.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-3872
reference_id
reference_type
scores
0
value 0.02778
scoring_system epss
scoring_elements 0.85995
published_at 2026-04-01T12:55:00Z
1
value 0.02778
scoring_system epss
scoring_elements 0.86006
published_at 2026-04-02T12:55:00Z
2
value 0.02778
scoring_system epss
scoring_elements 0.86023
published_at 2026-04-04T12:55:00Z
3
value 0.02778
scoring_system epss
scoring_elements 0.86022
published_at 2026-04-07T12:55:00Z
4
value 0.02778
scoring_system epss
scoring_elements 0.86042
published_at 2026-04-08T12:55:00Z
5
value 0.02778
scoring_system epss
scoring_elements 0.86051
published_at 2026-04-09T12:55:00Z
6
value 0.02778
scoring_system epss
scoring_elements 0.86065
published_at 2026-04-11T12:55:00Z
7
value 0.02778
scoring_system epss
scoring_elements 0.86063
published_at 2026-04-12T12:55:00Z
8
value 0.02778
scoring_system epss
scoring_elements 0.86058
published_at 2026-04-13T12:55:00Z
9
value 0.02778
scoring_system epss
scoring_elements 0.86076
published_at 2026-04-16T12:55:00Z
10
value 0.02778
scoring_system epss
scoring_elements 0.86081
published_at 2026-04-18T12:55:00Z
11
value 0.02778
scoring_system epss
scoring_elements 0.86073
published_at 2026-04-21T12:55:00Z
12
value 0.02778
scoring_system epss
scoring_elements 0.86093
published_at 2026-04-24T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-3872
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3872
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3872
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=748447
reference_id 748447
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=748447
4
reference_url https://security.gentoo.org/glsa/201203-03
reference_id GLSA-201203-03
reference_type
scores
url https://security.gentoo.org/glsa/201203-03
5
reference_url https://usn.ubuntu.com/1238-1/
reference_id USN-1238-1
reference_type
scores
url https://usn.ubuntu.com/1238-1/
fixed_packages
0
url pkg:ebuild/app-admin/puppet@2.7.11
purl pkg:ebuild/app-admin/puppet@2.7.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-admin/puppet@2.7.11
aliases CVE-2011-3872
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vrzs-81t1-jyax
8
url VCID-ww8x-tzxr-4qbn
vulnerability_id VCID-ww8x-tzxr-4qbn
summary 
Improper Link Resolution Before File Access ('Link Following')
Puppet 0.24.x before 0.24.9 and 0.25.x before 0.25.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/daemonout, (2) /tmp/puppetdoc.txt, (3) /tmp/puppetdoc.tex, or (4) /tmp/puppetdoc.aux temporary file.
references
0
reference_url http://groups.google.com/group/puppet-announce/browse_thread/thread/4401823f6cbf6087
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://groups.google.com/group/puppet-announce/browse_thread/thread/4401823f6cbf6087
1
reference_url http://groups.google.com/group/puppet-announce/browse_thread/thread/73cd1b2896d986c2
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://groups.google.com/group/puppet-announce/browse_thread/thread/73cd1b2896d986c2
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036083.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036083.html
3
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036166.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036166.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-0156
reference_id
reference_type
scores
0
value 0.00042
scoring_system epss
scoring_elements 0.1275
published_at 2026-04-13T12:55:00Z
1
value 0.00042
scoring_system epss
scoring_elements 0.12795
published_at 2026-04-12T12:55:00Z
2
value 0.00042
scoring_system epss
scoring_elements 0.12816
published_at 2026-04-08T12:55:00Z
3
value 0.00042
scoring_system epss
scoring_elements 0.1279
published_at 2026-04-24T12:55:00Z
4
value 0.00042
scoring_system epss
scoring_elements 0.1277
published_at 2026-04-21T12:55:00Z
5
value 0.00042
scoring_system epss
scoring_elements 0.1266
published_at 2026-04-18T12:55:00Z
6
value 0.00042
scoring_system epss
scoring_elements 0.12653
published_at 2026-04-16T12:55:00Z
7
value 0.00042
scoring_system epss
scoring_elements 0.12867
published_at 2026-04-09T12:55:00Z
8
value 0.00042
scoring_system epss
scoring_elements 0.12833
published_at 2026-04-11T12:55:00Z
9
value 0.00042
scoring_system epss
scoring_elements 0.12785
published_at 2026-04-01T12:55:00Z
10
value 0.00042
scoring_system epss
scoring_elements 0.12883
published_at 2026-04-02T12:55:00Z
11
value 0.00042
scoring_system epss
scoring_elements 0.12933
published_at 2026-04-04T12:55:00Z
12
value 0.00042
scoring_system epss
scoring_elements 0.12736
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-0156
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=502881
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=502881
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0156
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0156
8
reference_url https://github.com/puppetlabs/puppet
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet
9
reference_url https://github.com/puppetlabs/puppet/commit/0aae57f91dc69b22fb674f8de3a13c22edd07128
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/0aae57f91dc69b22fb674f8de3a13c22edd07128
10
reference_url https://github.com/puppetlabs/puppet/commit/6111ba80f2c6f6d1541af971f565119e6e03d77d
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/6111ba80f2c6f6d1541af971f565119e6e03d77d
11
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2010-0156.yml
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2010-0156.yml
12
reference_url https://web.archive.org/web/20100316113904/http://secunia.com/advisories/38766
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20100316113904/http://secunia.com/advisories/38766
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2010-0156
reference_id CVE-2010-0156
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2010-0156
14
reference_url https://puppet.com/security/cve/cve-2010-0156
reference_id CVE-2010-0156
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://puppet.com/security/cve/cve-2010-0156
15
reference_url https://github.com/advisories/GHSA-vrh7-99jh-3fmm
reference_id GHSA-vrh7-99jh-3fmm
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vrh7-99jh-3fmm
16
reference_url https://security.gentoo.org/glsa/201203-03
reference_id GLSA-201203-03
reference_type
scores
url https://security.gentoo.org/glsa/201203-03
17
reference_url https://usn.ubuntu.com/917-1/
reference_id USN-917-1
reference_type
scores
url https://usn.ubuntu.com/917-1/
fixed_packages
0
url pkg:ebuild/app-admin/puppet@2.7.11
purl pkg:ebuild/app-admin/puppet@2.7.11
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-admin/puppet@2.7.11
aliases CVE-2010-0156, GHSA-vrh7-99jh-3fmm
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ww8x-tzxr-4qbn
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:ebuild/app-admin/puppet@2.7.11