Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/puppet@2.7.18-1?distro=bullseye
Typedeb
Namespacedebian
Namepuppet
Version2.7.18-1
Qualifiers
distro bullseye
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.7.18-3
Latest_non_vulnerable_version5.5.22-2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-75gs-2gu3-6udx
vulnerability_id VCID-75gs-2gu3-6udx
summary 
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Directory traversal vulnerability in lib/puppet/reports/store.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, when Delete is enabled in auth.conf, allows remote authenticated users to delete arbitrary files on the puppet master server via a .. (dot dot) in a node name.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00006.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00006.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2012-07/msg00036.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2012-07/msg00036.html
2
reference_url http://puppetlabs.com/security/cve/cve-2012-3865
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://puppetlabs.com/security/cve/cve-2012-3865
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3865.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3865.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-3865
reference_id
reference_type
scores
0
value 0.01176
scoring_system epss
scoring_elements 0.7874
published_at 2026-04-16T12:55:00Z
1
value 0.01176
scoring_system epss
scoring_elements 0.78679
published_at 2026-04-07T12:55:00Z
2
value 0.01176
scoring_system epss
scoring_elements 0.78711
published_at 2026-04-13T12:55:00Z
3
value 0.01176
scoring_system epss
scoring_elements 0.78719
published_at 2026-04-12T12:55:00Z
4
value 0.01176
scoring_system epss
scoring_elements 0.78737
published_at 2026-04-11T12:55:00Z
5
value 0.01176
scoring_system epss
scoring_elements 0.78705
published_at 2026-04-08T12:55:00Z
6
value 0.01176
scoring_system epss
scoring_elements 0.78712
published_at 2026-04-09T12:55:00Z
7
value 0.01176
scoring_system epss
scoring_elements 0.78734
published_at 2026-04-21T12:55:00Z
8
value 0.01176
scoring_system epss
scoring_elements 0.78738
published_at 2026-04-18T12:55:00Z
9
value 0.0215
scoring_system epss
scoring_elements 0.84187
published_at 2026-04-02T12:55:00Z
10
value 0.0215
scoring_system epss
scoring_elements 0.84205
published_at 2026-04-04T12:55:00Z
11
value 0.0215
scoring_system epss
scoring_elements 0.84174
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-3865
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=839131
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=839131
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3865
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3865
7
reference_url http://secunia.com/advisories/50014
reference_id
reference_type
scores
url http://secunia.com/advisories/50014
8
reference_url https://github.com/puppetlabs/puppet
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet
9
reference_url https://github.com/puppetlabs/puppet/commit/554eefc55f57ed2b76e5ee04d8f194d36f6ee67f
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/554eefc55f57ed2b76e5ee04d8f194d36f6ee67f
10
reference_url https://github.com/puppetlabs/puppet/commit/d80478208d79a3e6d6cb1fbc525e24817fe8c4c6
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/d80478208d79a3e6d6cb1fbc525e24817fe8c4c6
11
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/CVE-2012-3865.yml
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/CVE-2012-3865.yml
12
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2012-3865.yml
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2012-3865.yml
13
reference_url https://www.puppet.com/security/cve/overview-cve-2012-3865-arbitrary-file-delete/dos-puppet-master
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://www.puppet.com/security/cve/overview-cve-2012-3865-arbitrary-file-delete/dos-puppet-master
14
reference_url http://www.debian.org/security/2012/dsa-2511
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2012/dsa-2511
15
reference_url http://www.ubuntu.com/usn/USN-1506-1
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1506-1
16
reference_url http://puppetlabs.com/security/cve/cve-2012-3865/
reference_id CVE-2012-3865
reference_type
scores
url http://puppetlabs.com/security/cve/cve-2012-3865/
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-3865
reference_id CVE-2012-3865
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-3865
18
reference_url https://github.com/advisories/GHSA-g89m-3wjw-h857
reference_id GHSA-g89m-3wjw-h857
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g89m-3wjw-h857
19
reference_url https://access.redhat.com/errata/RHSA-2012:1542
reference_id RHSA-2012:1542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1542
20
reference_url https://usn.ubuntu.com/1506-1/
reference_id USN-1506-1
reference_type
scores
url https://usn.ubuntu.com/1506-1/
fixed_packages
0
url pkg:deb/debian/puppet@2.7.18-1?distro=bullseye
purl pkg:deb/debian/puppet@2.7.18-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/puppet@2.7.18-1%3Fdistro=bullseye
1
url pkg:deb/debian/puppet@5.5.22-2?distro=bullseye
purl pkg:deb/debian/puppet@5.5.22-2?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/puppet@5.5.22-2%3Fdistro=bullseye
aliases CVE-2012-3865, GHSA-g89m-3wjw-h857
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-75gs-2gu3-6udx
1
url VCID-b94j-dcjk-eqeu
vulnerability_id VCID-b94j-dcjk-eqeu
summary 
Improper Authentication
lib/puppet/network/authstore.rb in Puppet before 2.7.18, and Puppet Enterprise before 2.5.2, supports use of IP addresses in certnames without warning of potential risks, which might allow remote attackers to spoof an agent by acquiring a previously used IP address.
references
0
reference_url http://puppetlabs.com/security/cve/cve-2012-3408
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://puppetlabs.com/security/cve/cve-2012-3408
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3408.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3408.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-3408
reference_id
reference_type
scores
0
value 0.00257
scoring_system epss
scoring_elements 0.49124
published_at 2026-04-21T12:55:00Z
1
value 0.00257
scoring_system epss
scoring_elements 0.49119
published_at 2026-04-08T12:55:00Z
2
value 0.00257
scoring_system epss
scoring_elements 0.49116
published_at 2026-04-09T12:55:00Z
3
value 0.00257
scoring_system epss
scoring_elements 0.49133
published_at 2026-04-11T12:55:00Z
4
value 0.00257
scoring_system epss
scoring_elements 0.49107
published_at 2026-04-12T12:55:00Z
5
value 0.00257
scoring_system epss
scoring_elements 0.49113
published_at 2026-04-13T12:55:00Z
6
value 0.00257
scoring_system epss
scoring_elements 0.49158
published_at 2026-04-16T12:55:00Z
7
value 0.00257
scoring_system epss
scoring_elements 0.49156
published_at 2026-04-18T12:55:00Z
8
value 0.00257
scoring_system epss
scoring_elements 0.49049
published_at 2026-04-01T12:55:00Z
9
value 0.00257
scoring_system epss
scoring_elements 0.49083
published_at 2026-04-02T12:55:00Z
10
value 0.00257
scoring_system epss
scoring_elements 0.49111
published_at 2026-04-04T12:55:00Z
11
value 0.00257
scoring_system epss
scoring_elements 0.49065
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-3408
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=839166
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=839166
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3408
5
reference_url https://github.com/puppetlabs/puppet
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet
6
reference_url https://github.com/puppetlabs/puppet/commit/ab9150baa1b738467a33b01df1d90e076253fbbd
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/ab9150baa1b738467a33b01df1d90e076253fbbd
7
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2012-3408.yml
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2012-3408.yml
8
reference_url https://www.puppet.com/security/cve/cve-2012-3408-agent-impersonation
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://www.puppet.com/security/cve/cve-2012-3408-agent-impersonation
9
reference_url http://puppetlabs.com/security/cve/cve-2012-3408/
reference_id CVE-2012-3408
reference_type
scores
url http://puppetlabs.com/security/cve/cve-2012-3408/
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-3408
reference_id CVE-2012-3408
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-3408
11
reference_url https://github.com/advisories/GHSA-vxf6-w9mp-95hm
reference_id GHSA-vxf6-w9mp-95hm
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vxf6-w9mp-95hm
fixed_packages
0
url pkg:deb/debian/puppet@2.7.18-1?distro=bullseye
purl pkg:deb/debian/puppet@2.7.18-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/puppet@2.7.18-1%3Fdistro=bullseye
1
url pkg:deb/debian/puppet@5.5.22-2?distro=bullseye
purl pkg:deb/debian/puppet@5.5.22-2?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/puppet@5.5.22-2%3Fdistro=bullseye
aliases CVE-2012-3408, GHSA-vxf6-w9mp-95hm
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b94j-dcjk-eqeu
2
url VCID-rrky-upea-nfd4
vulnerability_id VCID-rrky-upea-nfd4
summary puppet: authenticated clients allowed to read arbitrary files from the puppet master
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3864.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3864.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-3864
reference_id
reference_type
scores
0
value 0.00314
scoring_system epss
scoring_elements 0.54466
published_at 2026-04-01T12:55:00Z
1
value 0.00314
scoring_system epss
scoring_elements 0.54542
published_at 2026-04-02T12:55:00Z
2
value 0.00314
scoring_system epss
scoring_elements 0.54565
published_at 2026-04-04T12:55:00Z
3
value 0.00314
scoring_system epss
scoring_elements 0.54534
published_at 2026-04-07T12:55:00Z
4
value 0.00314
scoring_system epss
scoring_elements 0.54586
published_at 2026-04-08T12:55:00Z
5
value 0.00314
scoring_system epss
scoring_elements 0.5458
published_at 2026-04-09T12:55:00Z
6
value 0.00314
scoring_system epss
scoring_elements 0.54592
published_at 2026-04-18T12:55:00Z
7
value 0.00314
scoring_system epss
scoring_elements 0.54574
published_at 2026-04-12T12:55:00Z
8
value 0.00314
scoring_system epss
scoring_elements 0.54553
published_at 2026-04-13T12:55:00Z
9
value 0.00314
scoring_system epss
scoring_elements 0.5459
published_at 2026-04-16T12:55:00Z
10
value 0.00314
scoring_system epss
scoring_elements 0.54569
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-3864
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3864
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3864
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=839130
reference_id 839130
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=839130
4
reference_url https://access.redhat.com/errata/RHSA-2012:1542
reference_id RHSA-2012:1542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1542
5
reference_url https://usn.ubuntu.com/1506-1/
reference_id USN-1506-1
reference_type
scores
url https://usn.ubuntu.com/1506-1/
fixed_packages
0
url pkg:deb/debian/puppet@2.7.18-1?distro=bullseye
purl pkg:deb/debian/puppet@2.7.18-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/puppet@2.7.18-1%3Fdistro=bullseye
1
url pkg:deb/debian/puppet@5.5.22-2?distro=bullseye
purl pkg:deb/debian/puppet@5.5.22-2?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/puppet@5.5.22-2%3Fdistro=bullseye
aliases CVE-2012-3864
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rrky-upea-nfd4
3
url VCID-vgbw-4yuu-57fz
vulnerability_id VCID-vgbw-4yuu-57fz
summary 
Low severity vulnerability that affects puppet
lib/puppet/defaults.rb in Puppet 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, uses 0644 permissions for last_run_report.yaml, which allows local users to obtain sensitive configuration information by leveraging access to the puppet master server to read this file.
references
0
reference_url http://lists.opensuse.org/opensuse-updates/2012-07/msg00036.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2012-07/msg00036.html
1
reference_url http://puppetlabs.com/security/cve/cve-2012-3866
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://puppetlabs.com/security/cve/cve-2012-3866
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-3866
reference_id
reference_type
scores
0
value 0.0005
scoring_system epss
scoring_elements 0.15529
published_at 2026-04-18T12:55:00Z
1
value 0.0005
scoring_system epss
scoring_elements 0.15712
published_at 2026-04-02T12:55:00Z
2
value 0.0005
scoring_system epss
scoring_elements 0.15776
published_at 2026-04-04T12:55:00Z
3
value 0.0005
scoring_system epss
scoring_elements 0.1558
published_at 2026-04-21T12:55:00Z
4
value 0.0005
scoring_system epss
scoring_elements 0.15666
published_at 2026-04-08T12:55:00Z
5
value 0.0005
scoring_system epss
scoring_elements 0.15725
published_at 2026-04-09T12:55:00Z
6
value 0.0005
scoring_system epss
scoring_elements 0.15692
published_at 2026-04-11T12:55:00Z
7
value 0.0005
scoring_system epss
scoring_elements 0.15657
published_at 2026-04-12T12:55:00Z
8
value 0.0005
scoring_system epss
scoring_elements 0.15593
published_at 2026-04-13T12:55:00Z
9
value 0.0005
scoring_system epss
scoring_elements 0.1552
published_at 2026-04-16T12:55:00Z
10
value 0.0005
scoring_system epss
scoring_elements 0.15674
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-3866
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=839135
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=839135
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3866
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3866
5
reference_url http://secunia.com/advisories/50014
reference_id
reference_type
scores
url http://secunia.com/advisories/50014
6
reference_url https://github.com/puppetlabs/puppet
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet
7
reference_url https://github.com/puppetlabs/puppet/commit/fd44bf5e6d0d360f6a493d663b653c121fa83c3f
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/fd44bf5e6d0d360f6a493d663b653c121fa83c3f
8
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2012-3866.yml
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2012-3866.yml
9
reference_url https://www.puppet.com/security/cve/cve-2012-3866-lastrunreportyaml-world-readable
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://www.puppet.com/security/cve/cve-2012-3866-lastrunreportyaml-world-readable
10
reference_url http://www.debian.org/security/2012/dsa-2511
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2012/dsa-2511
11
reference_url http://www.ubuntu.com/usn/USN-1506-1
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1506-1
12
reference_url http://puppetlabs.com/security/cve/cve-2012-3866/
reference_id CVE-2012-3866
reference_type
scores
url http://puppetlabs.com/security/cve/cve-2012-3866/
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-3866
reference_id CVE-2012-3866
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-3866
14
reference_url https://github.com/advisories/GHSA-8jxj-9r5f-w3m2
reference_id GHSA-8jxj-9r5f-w3m2
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8jxj-9r5f-w3m2
15
reference_url https://usn.ubuntu.com/1506-1/
reference_id USN-1506-1
reference_type
scores
url https://usn.ubuntu.com/1506-1/
fixed_packages
0
url pkg:deb/debian/puppet@2.7.18-1?distro=bullseye
purl pkg:deb/debian/puppet@2.7.18-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/puppet@2.7.18-1%3Fdistro=bullseye
1
url pkg:deb/debian/puppet@5.5.22-2?distro=bullseye
purl pkg:deb/debian/puppet@5.5.22-2?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/puppet@5.5.22-2%3Fdistro=bullseye
aliases CVE-2012-3866, GHSA-8jxj-9r5f-w3m2
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vgbw-4yuu-57fz
4
url VCID-wage-71h9-6qay
vulnerability_id VCID-wage-71h9-6qay
summary 
Moderate severity vulnerability that affects puppet
lib/puppet/ssl/certificate_authority.rb in Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, does not properly restrict the characters in the Common Name field of a Certificate Signing Request (CSR), which makes it easier for user-assisted remote attackers to trick administrators into signing a crafted agent certificate via ANSI control sequences.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00006.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00006.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2012-07/msg00036.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2012-07/msg00036.html
2
reference_url http://puppetlabs.com/security/cve/cve-2012-3867
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://puppetlabs.com/security/cve/cve-2012-3867
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3867.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-3867.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-3867
reference_id
reference_type
scores
0
value 0.01418
scoring_system epss
scoring_elements 0.80599
published_at 2026-04-16T12:55:00Z
1
value 0.01418
scoring_system epss
scoring_elements 0.80571
published_at 2026-04-13T12:55:00Z
2
value 0.01418
scoring_system epss
scoring_elements 0.80578
published_at 2026-04-12T12:55:00Z
3
value 0.01418
scoring_system epss
scoring_elements 0.80544
published_at 2026-04-04T12:55:00Z
4
value 0.01418
scoring_system epss
scoring_elements 0.80604
published_at 2026-04-21T12:55:00Z
5
value 0.01418
scoring_system epss
scoring_elements 0.80601
published_at 2026-04-18T12:55:00Z
6
value 0.01418
scoring_system epss
scoring_elements 0.80536
published_at 2026-04-07T12:55:00Z
7
value 0.01418
scoring_system epss
scoring_elements 0.80592
published_at 2026-04-11T12:55:00Z
8
value 0.01418
scoring_system epss
scoring_elements 0.80575
published_at 2026-04-09T12:55:00Z
9
value 0.01418
scoring_system epss
scoring_elements 0.80565
published_at 2026-04-08T12:55:00Z
10
value 0.01418
scoring_system epss
scoring_elements 0.80516
published_at 2026-04-01T12:55:00Z
11
value 0.01418
scoring_system epss
scoring_elements 0.80522
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-3867
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=839158
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=839158
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3867
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3867
7
reference_url http://secunia.com/advisories/50014
reference_id
reference_type
scores
url http://secunia.com/advisories/50014
8
reference_url https://github.com/puppetlabs/puppet
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet
9
reference_url https://github.com/puppetlabs/puppet/commit/dfedaa5fa841ccf335245a748b347b7c7c236640
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/dfedaa5fa841ccf335245a748b347b7c7c236640
10
reference_url https://github.com/puppetlabs/puppet/commit/f3419620b42080dad3b0be14470b20a972f13c50
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/f3419620b42080dad3b0be14470b20a972f13c50
11
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2012-3867.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2012-3867.yml
12
reference_url https://www.puppet.com/security/cve/cve-2012-3867-insufficient-input-validation
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.puppet.com/security/cve/cve-2012-3867-insufficient-input-validation
13
reference_url http://www.debian.org/security/2012/dsa-2511
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2012/dsa-2511
14
reference_url http://www.ubuntu.com/usn/USN-1506-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1506-1
15
reference_url http://puppetlabs.com/security/cve/cve-2012-3867/
reference_id CVE-2012-3867
reference_type
scores
url http://puppetlabs.com/security/cve/cve-2012-3867/
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-3867
reference_id CVE-2012-3867
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-3867
17
reference_url https://github.com/advisories/GHSA-q44r-f2hm-v76v
reference_id GHSA-q44r-f2hm-v76v
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q44r-f2hm-v76v
18
reference_url https://access.redhat.com/errata/RHSA-2012:1542
reference_id RHSA-2012:1542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1542
19
reference_url https://usn.ubuntu.com/1506-1/
reference_id USN-1506-1
reference_type
scores
url https://usn.ubuntu.com/1506-1/
fixed_packages
0
url pkg:deb/debian/puppet@2.7.18-1?distro=bullseye
purl pkg:deb/debian/puppet@2.7.18-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/puppet@2.7.18-1%3Fdistro=bullseye
1
url pkg:deb/debian/puppet@5.5.22-2?distro=bullseye
purl pkg:deb/debian/puppet@5.5.22-2?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/puppet@5.5.22-2%3Fdistro=bullseye
aliases CVE-2012-3867, GHSA-q44r-f2hm-v76v
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wage-71h9-6qay
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/puppet@2.7.18-1%3Fdistro=bullseye