| 0 |
| url |
VCID-1fe1-sdn1-jfcw |
| vulnerability_id |
VCID-1fe1-sdn1-jfcw |
| summary |
Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows attackers to bypass the add_issue_notes permission requirement by leveraging the incoming mail handler. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-31864 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.44255 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.44212 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.4428 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.44302 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.44235 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.44288 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.44292 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.4431 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.44278 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.44277 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.44335 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00217 |
| scoring_system |
epss |
| scoring_elements |
0.44326 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-31864 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-31864
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1fe1-sdn1-jfcw |
|
| 1 |
| url |
VCID-26sk-sat8-gbfq |
| vulnerability_id |
VCID-26sk-sat8-gbfq |
| summary |
Redmine 0.8.7 and earlier uses the title tag before defining the character encoding in a meta tag, which allows remote attackers to conduct cross-site scripting (XSS) attacks and inject arbitrary script via UTF-7 encoded values in the title parameter to a new issue page, which may be interpreted as script by Internet Explorer 7 and 8. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-4459 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00276 |
| scoring_system |
epss |
| scoring_elements |
0.5098 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00276 |
| scoring_system |
epss |
| scoring_elements |
0.51033 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00276 |
| scoring_system |
epss |
| scoring_elements |
0.51058 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00276 |
| scoring_system |
epss |
| scoring_elements |
0.51015 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00276 |
| scoring_system |
epss |
| scoring_elements |
0.51072 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00276 |
| scoring_system |
epss |
| scoring_elements |
0.51069 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00276 |
| scoring_system |
epss |
| scoring_elements |
0.51113 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00276 |
| scoring_system |
epss |
| scoring_elements |
0.51092 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00276 |
| scoring_system |
epss |
| scoring_elements |
0.51076 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00276 |
| scoring_system |
epss |
| scoring_elements |
0.51114 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00276 |
| scoring_system |
epss |
| scoring_elements |
0.5112 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00276 |
| scoring_system |
epss |
| scoring_elements |
0.51097 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-4459 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-4459
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-26sk-sat8-gbfq |
|
| 2 |
| url |
VCID-2fwd-ykd8-bbge |
| vulnerability_id |
VCID-2fwd-ykd8-bbge |
| summary |
security update |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-15571 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00517 |
| scoring_system |
epss |
| scoring_elements |
0.66739 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00517 |
| scoring_system |
epss |
| scoring_elements |
0.66754 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00517 |
| scoring_system |
epss |
| scoring_elements |
0.66626 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00517 |
| scoring_system |
epss |
| scoring_elements |
0.66666 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00517 |
| scoring_system |
epss |
| scoring_elements |
0.66693 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00517 |
| scoring_system |
epss |
| scoring_elements |
0.66665 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00517 |
| scoring_system |
epss |
| scoring_elements |
0.66715 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00517 |
| scoring_system |
epss |
| scoring_elements |
0.6673 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00517 |
| scoring_system |
epss |
| scoring_elements |
0.66749 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00517 |
| scoring_system |
epss |
| scoring_elements |
0.66736 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00517 |
| scoring_system |
epss |
| scoring_elements |
0.66707 |
| published_at |
2026-04-13T12:55:00Z |
|
| 11 |
| value |
0.00517 |
| scoring_system |
epss |
| scoring_elements |
0.6674 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-15571 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-15571
|
| risk_score |
2.8 |
| exploitability |
0.5 |
| weighted_severity |
5.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2fwd-ykd8-bbge |
|
| 3 |
| url |
VCID-2k56-5ddy-qqdf |
| vulnerability_id |
VCID-2k56-5ddy-qqdf |
| summary |
Open redirect vulnerability in the redirect_back_or_default function in app/controllers/application_controller.rb in Redmine before 2.4.5 and 2.5.x before 2.5.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the back url (back_url parameter). |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2014-1985 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01817 |
| scoring_system |
epss |
| scoring_elements |
0.82792 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.01817 |
| scoring_system |
epss |
| scoring_elements |
0.82808 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.01817 |
| scoring_system |
epss |
| scoring_elements |
0.82822 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.01817 |
| scoring_system |
epss |
| scoring_elements |
0.82818 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.01817 |
| scoring_system |
epss |
| scoring_elements |
0.82843 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.01817 |
| scoring_system |
epss |
| scoring_elements |
0.82849 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.01817 |
| scoring_system |
epss |
| scoring_elements |
0.82865 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.01817 |
| scoring_system |
epss |
| scoring_elements |
0.8286 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.01817 |
| scoring_system |
epss |
| scoring_elements |
0.82856 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.01817 |
| scoring_system |
epss |
| scoring_elements |
0.82895 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.01817 |
| scoring_system |
epss |
| scoring_elements |
0.82894 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.01817 |
| scoring_system |
epss |
| scoring_elements |
0.82897 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2014-1985 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2014-1985
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2k56-5ddy-qqdf |
|
| 4 |
| url |
VCID-2mcw-11ja-gfbm |
| vulnerability_id |
VCID-2mcw-11ja-gfbm |
| summary |
security update |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-17427 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.01826 |
| scoring_system |
epss |
| scoring_elements |
0.82932 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.01826 |
| scoring_system |
epss |
| scoring_elements |
0.82929 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.01826 |
| scoring_system |
epss |
| scoring_elements |
0.82825 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.01826 |
| scoring_system |
epss |
| scoring_elements |
0.82841 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.01826 |
| scoring_system |
epss |
| scoring_elements |
0.82854 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.01826 |
| scoring_system |
epss |
| scoring_elements |
0.82851 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.01826 |
| scoring_system |
epss |
| scoring_elements |
0.82876 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.01826 |
| scoring_system |
epss |
| scoring_elements |
0.82883 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.01826 |
| scoring_system |
epss |
| scoring_elements |
0.82899 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.01826 |
| scoring_system |
epss |
| scoring_elements |
0.82894 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.01826 |
| scoring_system |
epss |
| scoring_elements |
0.82889 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-17427 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-17427
|
| risk_score |
2.8 |
| exploitability |
0.5 |
| weighted_severity |
5.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2mcw-11ja-gfbm |
|
| 5 |
| url |
VCID-3xup-fkaz-e7hu |
| vulnerability_id |
VCID-3xup-fkaz-e7hu |
| summary |
A vulnerability has been found in Redmine 6.0.0/6.0.1/6.0.2/6.0.3 and classified as problematic. This vulnerability affects unknown code of the component Custom Query Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 6.0.4 is able to address this issue. It is recommended to upgrade the affected component. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2025-4011 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40361 |
| published_at |
2026-04-04T12:55:00Z |
|
| 1 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40242 |
| published_at |
2026-04-21T12:55:00Z |
|
| 2 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40318 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.4035 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40303 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40323 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.4036 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40349 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40337 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40286 |
| published_at |
2026-04-07T12:55:00Z |
|
| 10 |
| value |
0.00185 |
| scoring_system |
epss |
| scoring_elements |
0.40336 |
| published_at |
2026-04-02T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2025-4011 |
|
| 1 |
| reference_url |
https://www.redmine.org/versions/206 |
| reference_id |
206 |
| reference_type |
|
| scores |
| 0 |
| value |
4 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:S/C:N/I:P/A:N |
|
| 1 |
| value |
3.5 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N |
|
| 2 |
| value |
3.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N |
|
| 3 |
| value |
5.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T16:11:44Z/ |
|
|
| url |
https://www.redmine.org/versions/206 |
|
| 2 |
| reference_url |
https://www.redmine.org/issues/42238 |
| reference_id |
42238 |
| reference_type |
|
| scores |
| 0 |
| value |
4 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:S/C:N/I:P/A:N |
|
| 1 |
| value |
3.5 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N |
|
| 2 |
| value |
3.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N |
|
| 3 |
| value |
5.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T16:11:44Z/ |
|
|
| url |
https://www.redmine.org/issues/42238 |
|
| 3 |
| reference_url |
https://vuldb.com/?ctiid.306364 |
| reference_id |
?ctiid.306364 |
| reference_type |
|
| scores |
| 0 |
| value |
4 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:S/C:N/I:P/A:N |
|
| 1 |
| value |
3.5 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N |
|
| 2 |
| value |
3.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N |
|
| 3 |
| value |
5.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T16:11:44Z/ |
|
|
| url |
https://vuldb.com/?ctiid.306364 |
|
| 4 |
| reference_url |
https://vuldb.com/?id.306364 |
| reference_id |
?id.306364 |
| reference_type |
|
| scores |
| 0 |
| value |
4 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:S/C:N/I:P/A:N |
|
| 1 |
| value |
3.5 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N |
|
| 2 |
| value |
3.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N |
|
| 3 |
| value |
5.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T16:11:44Z/ |
|
|
| url |
https://vuldb.com/?id.306364 |
|
| 5 |
| reference_url |
https://vuldb.com/?submit.558240 |
| reference_id |
?submit.558240 |
| reference_type |
|
| scores |
| 0 |
| value |
4 |
| scoring_system |
cvssv2 |
| scoring_elements |
AV:N/AC:L/Au:S/C:N/I:P/A:N |
|
| 1 |
| value |
3.5 |
| scoring_system |
cvssv3 |
| scoring_elements |
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N |
|
| 2 |
| value |
3.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N |
|
| 3 |
| value |
5.1 |
| scoring_system |
cvssv4 |
| scoring_elements |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N |
|
| 4 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-28T16:11:44Z/ |
|
|
| url |
https://vuldb.com/?submit.558240 |
|
|
| fixed_packages |
|
| aliases |
CVE-2025-4011
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3xup-fkaz-e7hu |
|
| 6 |
| url |
VCID-47ng-dbbf-m7h3 |
| vulnerability_id |
VCID-47ng-dbbf-m7h3 |
| summary |
Redmine before 3.4.13 and 4.x before 4.0.6 mishandles markup data during Textile formatting. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-25026 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00435 |
| scoring_system |
epss |
| scoring_elements |
0.62777 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00435 |
| scoring_system |
epss |
| scoring_elements |
0.62835 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00435 |
| scoring_system |
epss |
| scoring_elements |
0.62865 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00435 |
| scoring_system |
epss |
| scoring_elements |
0.62828 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00435 |
| scoring_system |
epss |
| scoring_elements |
0.6288 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00435 |
| scoring_system |
epss |
| scoring_elements |
0.62896 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00435 |
| scoring_system |
epss |
| scoring_elements |
0.62914 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00435 |
| scoring_system |
epss |
| scoring_elements |
0.62903 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00435 |
| scoring_system |
epss |
| scoring_elements |
0.62881 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00435 |
| scoring_system |
epss |
| scoring_elements |
0.62922 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00435 |
| scoring_system |
epss |
| scoring_elements |
0.6293 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00435 |
| scoring_system |
epss |
| scoring_elements |
0.62909 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-25026 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-25026
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-47ng-dbbf-m7h3 |
|
| 7 |
| url |
VCID-5gc4-5aez-q3b4 |
| vulnerability_id |
VCID-5gc4-5aez-q3b4 |
| summary |
Unspecified vulnerability in the bazaar repository adapter in Redmine 1.0.x before 1.0.5 allows remote authenticated users to obtain sensitive information via unknown vectors. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-4927 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00225 |
| scoring_system |
epss |
| scoring_elements |
0.4522 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00225 |
| scoring_system |
epss |
| scoring_elements |
0.45084 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00225 |
| scoring_system |
epss |
| scoring_elements |
0.45165 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00225 |
| scoring_system |
epss |
| scoring_elements |
0.45187 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00225 |
| scoring_system |
epss |
| scoring_elements |
0.4513 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00225 |
| scoring_system |
epss |
| scoring_elements |
0.45183 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00225 |
| scoring_system |
epss |
| scoring_elements |
0.45184 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00225 |
| scoring_system |
epss |
| scoring_elements |
0.45205 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00225 |
| scoring_system |
epss |
| scoring_elements |
0.45172 |
| published_at |
2026-04-21T12:55:00Z |
|
| 9 |
| value |
0.00225 |
| scoring_system |
epss |
| scoring_elements |
0.45174 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00225 |
| scoring_system |
epss |
| scoring_elements |
0.45226 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-4927 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-4927
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5gc4-5aez-q3b4 |
|
| 8 |
| url |
VCID-5j9e-c844-zuh1 |
| vulnerability_id |
VCID-5j9e-c844-zuh1 |
| summary |
Redmine 5.x before 5.0.4 allows downloading of file attachments of any Issue or any Wiki page due to insufficient permission checks. Depending on the configuration, this may require login as a registered user. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-44030 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0035 |
| scoring_system |
epss |
| scoring_elements |
0.5748 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.0035 |
| scoring_system |
epss |
| scoring_elements |
0.57478 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.0035 |
| scoring_system |
epss |
| scoring_elements |
0.57505 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.0035 |
| scoring_system |
epss |
| scoring_elements |
0.57501 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.0035 |
| scoring_system |
epss |
| scoring_elements |
0.57448 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.0035 |
| scoring_system |
epss |
| scoring_elements |
0.57471 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.0035 |
| scoring_system |
epss |
| scoring_elements |
0.57447 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.0035 |
| scoring_system |
epss |
| scoring_elements |
0.575 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.0035 |
| scoring_system |
epss |
| scoring_elements |
0.57504 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.0035 |
| scoring_system |
epss |
| scoring_elements |
0.57519 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.0035 |
| scoring_system |
epss |
| scoring_elements |
0.57497 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-44030 |
|
| 1 |
|
| 2 |
| reference_url |
https://www.redmine.org/news/139 |
| reference_id |
139 |
| reference_type |
|
| scores |
| 0 |
| value |
7.5 |
| scoring_system |
cvssv3.1 |
| scoring_elements |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
|
| 1 |
| value |
Track |
| scoring_system |
ssvc |
| scoring_elements |
SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-23T16:15:17Z/ |
|
|
| url |
https://www.redmine.org/news/139 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-44030
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5j9e-c844-zuh1 |
|
| 9 |
| url |
VCID-65km-m9kb-m3d3 |
| vulnerability_id |
VCID-65km-m9kb-m3d3 |
| summary |
Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in a Markdown formatter. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-47258 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00415 |
| scoring_system |
epss |
| scoring_elements |
0.61663 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00415 |
| scoring_system |
epss |
| scoring_elements |
0.61578 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.00415 |
| scoring_system |
epss |
| scoring_elements |
0.61607 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00415 |
| scoring_system |
epss |
| scoring_elements |
0.61626 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00415 |
| scoring_system |
epss |
| scoring_elements |
0.61641 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00415 |
| scoring_system |
epss |
| scoring_elements |
0.61662 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00415 |
| scoring_system |
epss |
| scoring_elements |
0.61651 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00415 |
| scoring_system |
epss |
| scoring_elements |
0.61631 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00415 |
| scoring_system |
epss |
| scoring_elements |
0.61673 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00415 |
| scoring_system |
epss |
| scoring_elements |
0.61678 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-47258 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-47258
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-65km-m9kb-m3d3 |
|
| 10 |
| url |
VCID-6p27-dume-v7gu |
| vulnerability_id |
VCID-6p27-dume-v7gu |
| summary |
security update |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-15568 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62661 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62679 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62524 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62582 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62614 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.6258 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.6263 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62646 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62664 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62652 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62629 |
| published_at |
2026-04-13T12:55:00Z |
|
| 11 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62671 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-15568 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-15568
|
| risk_score |
2.8 |
| exploitability |
0.5 |
| weighted_severity |
5.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6p27-dume-v7gu |
|
| 11 |
| url |
VCID-6zc2-q7mb-fbf7 |
| vulnerability_id |
VCID-6zc2-q7mb-fbf7 |
| summary |
security update |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-15574 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59548 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59568 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59414 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59486 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59512 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59479 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.5953 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59542 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59561 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59545 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59526 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-15574 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-15574
|
| risk_score |
2.8 |
| exploitability |
0.5 |
| weighted_severity |
5.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6zc2-q7mb-fbf7 |
|
| 12 |
| url |
VCID-7nsr-5xpe-vke4 |
| vulnerability_id |
VCID-7nsr-5xpe-vke4 |
| summary |
Redmine before 4.0.9 and 4.1.x before 4.1.3 allows an attacker to learn the values of internal authentication keys by observing timing differences in string comparison operations within SysController and MailHandlerController. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-31866 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00442 |
| scoring_system |
epss |
| scoring_elements |
0.63306 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00442 |
| scoring_system |
epss |
| scoring_elements |
0.63196 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00442 |
| scoring_system |
epss |
| scoring_elements |
0.63255 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00442 |
| scoring_system |
epss |
| scoring_elements |
0.63284 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00442 |
| scoring_system |
epss |
| scoring_elements |
0.63249 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00442 |
| scoring_system |
epss |
| scoring_elements |
0.633 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00442 |
| scoring_system |
epss |
| scoring_elements |
0.63318 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00442 |
| scoring_system |
epss |
| scoring_elements |
0.63335 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00442 |
| scoring_system |
epss |
| scoring_elements |
0.63319 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00442 |
| scoring_system |
epss |
| scoring_elements |
0.63283 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00442 |
| scoring_system |
epss |
| scoring_elements |
0.63327 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-31866 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-31866
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7nsr-5xpe-vke4 |
|
| 13 |
| url |
VCID-85ra-prcs-7yh6 |
| vulnerability_id |
VCID-85ra-prcs-7yh6 |
| summary |
Cross-site request forgery (CSRF) vulnerability in Redmine 0.8.5 and earlier allows remote attackers to hijack the authentication of users for requests that delete a ticket via unspecified vectors. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-4079 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50282 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50338 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50367 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50317 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50369 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50362 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50404 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50381 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50412 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50415 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.00269 |
| scoring_system |
epss |
| scoring_elements |
0.50392 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-4079 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-4079
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-85ra-prcs-7yh6 |
|
| 14 |
| url |
VCID-8cvp-423x-qfga |
| vulnerability_id |
VCID-8cvp-423x-qfga |
| summary |
Redmine before 4.0.8 and 4.1.x before 4.1.2 allows attackers to bypass the add_issue_notes permission requirement by leveraging the Issues API. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-30164 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43324 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43276 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43333 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43361 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43299 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43351 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43366 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43387 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43355 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.4334 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.434 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00209 |
| scoring_system |
epss |
| scoring_elements |
0.43389 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-30164 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-30164
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8cvp-423x-qfga |
|
| 15 |
| url |
VCID-8t1e-fc2y-ayck |
| vulnerability_id |
VCID-8t1e-fc2y-ayck |
| summary |
security update |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2015-8537 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64353 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64362 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64239 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64297 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64325 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64282 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.6433 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64345 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64357 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64346 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64317 |
| published_at |
2026-04-13T12:55:00Z |
|
| 11 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64351 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2015-8537 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
|
| fixed_packages |
|
| aliases |
CVE-2015-8537
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8t1e-fc2y-ayck |
|
| 16 |
| url |
VCID-8trg-1f24-mff1 |
| vulnerability_id |
VCID-8trg-1f24-mff1 |
| summary |
Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization of the blockquote syntax in Textile-formatted fields. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-44031 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00669 |
| scoring_system |
epss |
| scoring_elements |
0.71334 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00669 |
| scoring_system |
epss |
| scoring_elements |
0.71355 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00669 |
| scoring_system |
epss |
| scoring_elements |
0.71265 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00669 |
| scoring_system |
epss |
| scoring_elements |
0.71283 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00669 |
| scoring_system |
epss |
| scoring_elements |
0.71258 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00669 |
| scoring_system |
epss |
| scoring_elements |
0.71299 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00669 |
| scoring_system |
epss |
| scoring_elements |
0.71313 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00669 |
| scoring_system |
epss |
| scoring_elements |
0.71335 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00669 |
| scoring_system |
epss |
| scoring_elements |
0.7132 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00669 |
| scoring_system |
epss |
| scoring_elements |
0.71304 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00669 |
| scoring_system |
epss |
| scoring_elements |
0.7135 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-44031 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-44031
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8trg-1f24-mff1 |
|
| 17 |
| url |
VCID-9th3-z1tc-k7cf |
| vulnerability_id |
VCID-9th3-z1tc-k7cf |
| summary |
Redmine before 1.3.2 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote attackers to set attributes in the (1) Comment, (2) Document, (3) IssueCategory, (4) MembersController, (5) Message, (6) News, (7) TimeEntry, (8) Version, (9) Wiki, (10) UserPreference, or (11) Board model via a modified URL, related to a "mass assignment" vulnerability, a different vulnerability than CVE-2012-0327. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2012-2054 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00274 |
| scoring_system |
epss |
| scoring_elements |
0.50771 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00274 |
| scoring_system |
epss |
| scoring_elements |
0.50827 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00274 |
| scoring_system |
epss |
| scoring_elements |
0.50853 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00274 |
| scoring_system |
epss |
| scoring_elements |
0.50811 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00274 |
| scoring_system |
epss |
| scoring_elements |
0.50868 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00274 |
| scoring_system |
epss |
| scoring_elements |
0.50866 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00274 |
| scoring_system |
epss |
| scoring_elements |
0.50907 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.00274 |
| scoring_system |
epss |
| scoring_elements |
0.50886 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00274 |
| scoring_system |
epss |
| scoring_elements |
0.50869 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00274 |
| scoring_system |
epss |
| scoring_elements |
0.50913 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.00274 |
| scoring_system |
epss |
| scoring_elements |
0.50892 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2012-2054 |
|
|
| fixed_packages |
|
| aliases |
CVE-2012-2054
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9th3-z1tc-k7cf |
|
| 18 |
| url |
VCID-a2t5-u2dx-5fc2 |
| vulnerability_id |
VCID-a2t5-u2dx-5fc2 |
| summary |
Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows users to circumvent the allowed filename extensions of uploaded attachments. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-31865 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.60174 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.60003 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.60081 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.60105 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.60075 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.60125 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.60139 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.6016 |
| published_at |
2026-04-21T12:55:00Z |
|
| 8 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.60145 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.60128 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00391 |
| scoring_system |
epss |
| scoring_elements |
0.60167 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-31865 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-31865
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-a2t5-u2dx-5fc2 |
|
| 19 |
| url |
VCID-b2yh-snxf-6uft |
| vulnerability_id |
VCID-b2yh-snxf-6uft |
| summary |
Redmine before 4.0.7 and 4.1.x before 4.1.1 has stored XSS via textile inline links. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-36307 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56558 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56654 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56675 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56706 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.5671 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56719 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56694 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56673 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56704 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56702 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56674 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-36307 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-36307
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-b2yh-snxf-6uft |
|
| 20 |
| url |
VCID-bh4v-9j9j-8ya1 |
| vulnerability_id |
VCID-bh4v-9j9j-8ya1 |
| summary |
security update |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-15569 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62661 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62679 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62524 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62582 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62614 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.6258 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.6263 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62646 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62664 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62652 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62629 |
| published_at |
2026-04-13T12:55:00Z |
|
| 11 |
| value |
0.00432 |
| scoring_system |
epss |
| scoring_elements |
0.62671 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-15569 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-15569
|
| risk_score |
2.8 |
| exploitability |
0.5 |
| weighted_severity |
5.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bh4v-9j9j-8ya1 |
|
| 21 |
| url |
VCID-bv77-7wru-cygd |
| vulnerability_id |
VCID-bv77-7wru-cygd |
| summary |
Cross-site scripting (XSS) vulnerability in the textile formatter in Redmine before 1.0.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-4928 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.48998 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.48889 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.48926 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.48952 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.48906 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.4896 |
| published_at |
2026-04-21T12:55:00Z |
|
| 6 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.48958 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.48974 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.48948 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.48956 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00256 |
| scoring_system |
epss |
| scoring_elements |
0.49002 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-4928 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
| 29 |
|
| 30 |
|
| 31 |
|
| 32 |
|
| 33 |
|
| 34 |
|
| 35 |
|
| 36 |
|
| 37 |
|
| 38 |
|
| 39 |
|
| 40 |
|
| 41 |
|
| 42 |
|
| 43 |
|
| 44 |
|
| 45 |
|
| 46 |
|
| 47 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-4928
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-bv77-7wru-cygd |
|
| 22 |
| url |
VCID-frcf-zk52-h7ft |
| vulnerability_id |
VCID-frcf-zk52-h7ft |
| summary |
Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS in the Textile formatter. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-47259 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00415 |
| scoring_system |
epss |
| scoring_elements |
0.61663 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00415 |
| scoring_system |
epss |
| scoring_elements |
0.61578 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.00415 |
| scoring_system |
epss |
| scoring_elements |
0.61607 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00415 |
| scoring_system |
epss |
| scoring_elements |
0.61626 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00415 |
| scoring_system |
epss |
| scoring_elements |
0.61641 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00415 |
| scoring_system |
epss |
| scoring_elements |
0.61662 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00415 |
| scoring_system |
epss |
| scoring_elements |
0.61651 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00415 |
| scoring_system |
epss |
| scoring_elements |
0.61631 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00415 |
| scoring_system |
epss |
| scoring_elements |
0.61673 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00415 |
| scoring_system |
epss |
| scoring_elements |
0.61678 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-47259 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-47259
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-frcf-zk52-h7ft |
|
| 23 |
| url |
VCID-gagk-z8js-9kgm |
| vulnerability_id |
VCID-gagk-z8js-9kgm |
| summary |
security update |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-15576 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67553 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67575 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67451 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67487 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67508 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67486 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67537 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67552 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67574 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.6756 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67527 |
| published_at |
2026-04-13T12:55:00Z |
|
| 11 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67562 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-15576 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-15576
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gagk-z8js-9kgm |
|
| 24 |
| url |
VCID-ghu6-c695-rqf9 |
| vulnerability_id |
VCID-ghu6-c695-rqf9 |
| summary |
Redmine before 4.1.5 and 4.2.x before 4.2.3 may disclose the names of users on activity views due to an insufficient access filter. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-42326 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00506 |
| scoring_system |
epss |
| scoring_elements |
0.66264 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00506 |
| scoring_system |
epss |
| scoring_elements |
0.66139 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00506 |
| scoring_system |
epss |
| scoring_elements |
0.6618 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00506 |
| scoring_system |
epss |
| scoring_elements |
0.66207 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00506 |
| scoring_system |
epss |
| scoring_elements |
0.66176 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00506 |
| scoring_system |
epss |
| scoring_elements |
0.66224 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00506 |
| scoring_system |
epss |
| scoring_elements |
0.66237 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00506 |
| scoring_system |
epss |
| scoring_elements |
0.66257 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00506 |
| scoring_system |
epss |
| scoring_elements |
0.66245 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00506 |
| scoring_system |
epss |
| scoring_elements |
0.66214 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00506 |
| scoring_system |
epss |
| scoring_elements |
0.66249 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-42326 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-42326
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ghu6-c695-rqf9 |
|
| 25 |
| url |
VCID-hwb5-sw11-ykcg |
| vulnerability_id |
VCID-hwb5-sw11-ykcg |
| summary |
security update |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2015-8474 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00365 |
| scoring_system |
epss |
| scoring_elements |
0.58533 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00365 |
| scoring_system |
epss |
| scoring_elements |
0.58554 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00365 |
| scoring_system |
epss |
| scoring_elements |
0.58404 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00365 |
| scoring_system |
epss |
| scoring_elements |
0.58489 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00365 |
| scoring_system |
epss |
| scoring_elements |
0.58509 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00365 |
| scoring_system |
epss |
| scoring_elements |
0.5848 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00365 |
| scoring_system |
epss |
| scoring_elements |
0.58532 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00365 |
| scoring_system |
epss |
| scoring_elements |
0.58539 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00365 |
| scoring_system |
epss |
| scoring_elements |
0.58555 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00365 |
| scoring_system |
epss |
| scoring_elements |
0.58536 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00365 |
| scoring_system |
epss |
| scoring_elements |
0.58516 |
| published_at |
2026-04-13T12:55:00Z |
|
| 11 |
| value |
0.00365 |
| scoring_system |
epss |
| scoring_elements |
0.58549 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2015-8474 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
|
| fixed_packages |
|
| aliases |
CVE-2015-8474
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-hwb5-sw11-ykcg |
|
| 26 |
| url |
VCID-j88j-cdx3-a3ch |
| vulnerability_id |
VCID-j88j-cdx3-a3ch |
| summary |
security update |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-16804 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00345 |
| scoring_system |
epss |
| scoring_elements |
0.57114 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00345 |
| scoring_system |
epss |
| scoring_elements |
0.57135 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00345 |
| scoring_system |
epss |
| scoring_elements |
0.56995 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00345 |
| scoring_system |
epss |
| scoring_elements |
0.57089 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00345 |
| scoring_system |
epss |
| scoring_elements |
0.57112 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00345 |
| scoring_system |
epss |
| scoring_elements |
0.57139 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00345 |
| scoring_system |
epss |
| scoring_elements |
0.57141 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00345 |
| scoring_system |
epss |
| scoring_elements |
0.57153 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00345 |
| scoring_system |
epss |
| scoring_elements |
0.57132 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00345 |
| scoring_system |
epss |
| scoring_elements |
0.5714 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-16804 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-16804
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-j88j-cdx3-a3ch |
|
| 27 |
| url |
VCID-k8rg-xkps-m3ex |
| vulnerability_id |
VCID-k8rg-xkps-m3ex |
| summary |
Cross-site scripting (XSS) vulnerability in Redmine before 2.6.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving flash message rendering. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2015-8477 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0044 |
| scoring_system |
epss |
| scoring_elements |
0.6308 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.0044 |
| scoring_system |
epss |
| scoring_elements |
0.63138 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.0044 |
| scoring_system |
epss |
| scoring_elements |
0.63169 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.0044 |
| scoring_system |
epss |
| scoring_elements |
0.63133 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.0044 |
| scoring_system |
epss |
| scoring_elements |
0.63185 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.0044 |
| scoring_system |
epss |
| scoring_elements |
0.63203 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.0044 |
| scoring_system |
epss |
| scoring_elements |
0.6322 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0044 |
| scoring_system |
epss |
| scoring_elements |
0.63204 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.0044 |
| scoring_system |
epss |
| scoring_elements |
0.63167 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.0044 |
| scoring_system |
epss |
| scoring_elements |
0.63211 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.0044 |
| scoring_system |
epss |
| scoring_elements |
0.63191 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2015-8477 |
|
|
| fixed_packages |
|
| aliases |
CVE-2015-8477
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-k8rg-xkps-m3ex |
|
| 28 |
| url |
VCID-kmja-ehjr-e3cx |
| vulnerability_id |
VCID-kmja-ehjr-e3cx |
| summary |
Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization in Redcloth3 Textile-formatted fields. Depending on the configuration, this may require login as a registered user. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-44637 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00669 |
| scoring_system |
epss |
| scoring_elements |
0.71334 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00669 |
| scoring_system |
epss |
| scoring_elements |
0.71355 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00669 |
| scoring_system |
epss |
| scoring_elements |
0.71265 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00669 |
| scoring_system |
epss |
| scoring_elements |
0.71283 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00669 |
| scoring_system |
epss |
| scoring_elements |
0.71258 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00669 |
| scoring_system |
epss |
| scoring_elements |
0.71299 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00669 |
| scoring_system |
epss |
| scoring_elements |
0.71313 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00669 |
| scoring_system |
epss |
| scoring_elements |
0.71335 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00669 |
| scoring_system |
epss |
| scoring_elements |
0.7132 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00669 |
| scoring_system |
epss |
| scoring_elements |
0.71304 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00669 |
| scoring_system |
epss |
| scoring_elements |
0.7135 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-44637 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2022-44637
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kmja-ehjr-e3cx |
|
| 29 |
| url |
VCID-kx78-85xx-yuav |
| vulnerability_id |
VCID-kx78-85xx-yuav |
| summary |
security update |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-15573 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59548 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59568 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59414 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59486 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59512 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59479 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.5953 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59542 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59561 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59545 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00381 |
| scoring_system |
epss |
| scoring_elements |
0.59526 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-15573 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-15573
|
| risk_score |
2.8 |
| exploitability |
0.5 |
| weighted_severity |
5.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kx78-85xx-yuav |
|
| 30 |
| url |
VCID-m3kp-h2d7-h3ap |
| vulnerability_id |
VCID-m3kp-h2d7-h3ap |
| summary |
security update |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-18026 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00747 |
| scoring_system |
epss |
| scoring_elements |
0.73135 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00747 |
| scoring_system |
epss |
| scoring_elements |
0.73143 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00747 |
| scoring_system |
epss |
| scoring_elements |
0.73038 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00747 |
| scoring_system |
epss |
| scoring_elements |
0.73048 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00747 |
| scoring_system |
epss |
| scoring_elements |
0.73068 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00747 |
| scoring_system |
epss |
| scoring_elements |
0.73043 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00747 |
| scoring_system |
epss |
| scoring_elements |
0.7308 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00747 |
| scoring_system |
epss |
| scoring_elements |
0.73092 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00747 |
| scoring_system |
epss |
| scoring_elements |
0.73117 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00747 |
| scoring_system |
epss |
| scoring_elements |
0.73097 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00747 |
| scoring_system |
epss |
| scoring_elements |
0.7309 |
| published_at |
2026-04-13T12:55:00Z |
|
| 11 |
| value |
0.00747 |
| scoring_system |
epss |
| scoring_elements |
0.73133 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-18026 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-18026
|
| risk_score |
4.0 |
| exploitability |
0.5 |
| weighted_severity |
7.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-m3kp-h2d7-h3ap |
|
| 31 |
| url |
VCID-mf6v-q1bw-tyce |
| vulnerability_id |
VCID-mf6v-q1bw-tyce |
| summary |
In Redmine before 3.2.3, there are stored XSS vulnerabilities affecting Textile and Markdown text formatting, and project homepages. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2016-10515 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00353 |
| scoring_system |
epss |
| scoring_elements |
0.57691 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00353 |
| scoring_system |
epss |
| scoring_elements |
0.57712 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00353 |
| scoring_system |
epss |
| scoring_elements |
0.57572 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00353 |
| scoring_system |
epss |
| scoring_elements |
0.57656 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00353 |
| scoring_system |
epss |
| scoring_elements |
0.57678 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00353 |
| scoring_system |
epss |
| scoring_elements |
0.57654 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00353 |
| scoring_system |
epss |
| scoring_elements |
0.57708 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00353 |
| scoring_system |
epss |
| scoring_elements |
0.57711 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00353 |
| scoring_system |
epss |
| scoring_elements |
0.57726 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00353 |
| scoring_system |
epss |
| scoring_elements |
0.57705 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00353 |
| scoring_system |
epss |
| scoring_elements |
0.57686 |
| published_at |
2026-04-13T12:55:00Z |
|
| 11 |
| value |
0.00353 |
| scoring_system |
epss |
| scoring_elements |
0.57715 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2016-10515 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2016-10515
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mf6v-q1bw-tyce |
|
| 32 |
| url |
VCID-p2vy-dhe9-jyaa |
| vulnerability_id |
VCID-p2vy-dhe9-jyaa |
| summary |
security update |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2015-8473 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00465 |
| scoring_system |
epss |
| scoring_elements |
0.64385 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00465 |
| scoring_system |
epss |
| scoring_elements |
0.64394 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00465 |
| scoring_system |
epss |
| scoring_elements |
0.6427 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00465 |
| scoring_system |
epss |
| scoring_elements |
0.64327 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00465 |
| scoring_system |
epss |
| scoring_elements |
0.64355 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00465 |
| scoring_system |
epss |
| scoring_elements |
0.64313 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00465 |
| scoring_system |
epss |
| scoring_elements |
0.64361 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00465 |
| scoring_system |
epss |
| scoring_elements |
0.64376 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00465 |
| scoring_system |
epss |
| scoring_elements |
0.64389 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00465 |
| scoring_system |
epss |
| scoring_elements |
0.64347 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00465 |
| scoring_system |
epss |
| scoring_elements |
0.64383 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2015-8473 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
|
| fixed_packages |
|
| aliases |
CVE-2015-8473
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-p2vy-dhe9-jyaa |
|
| 33 |
| url |
VCID-pe8x-mqwn-gbaa |
| vulnerability_id |
VCID-pe8x-mqwn-gbaa |
| summary |
security update |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2015-8346 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64353 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64362 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64239 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64297 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64325 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64282 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.6433 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64345 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64357 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64346 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64317 |
| published_at |
2026-04-13T12:55:00Z |
|
| 11 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64351 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2015-8346 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
|
| fixed_packages |
|
| aliases |
CVE-2015-8346
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pe8x-mqwn-gbaa |
|
| 34 |
| url |
VCID-pwfc-n1q7-b7e4 |
| vulnerability_id |
VCID-pwfc-n1q7-b7e4 |
| summary |
Redmine 4.2.0 and 4.2.1 allow existing user sessions to continue upon enabling two-factor authentication for the user's account, but the intended behavior is for those sessions to be terminated. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-37156 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.4806 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.47989 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48027 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48048 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.47998 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48051 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48044 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48069 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48045 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48057 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48109 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.00248 |
| scoring_system |
epss |
| scoring_elements |
0.48104 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-37156 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-37156
|
| risk_score |
3.1 |
| exploitability |
0.5 |
| weighted_severity |
6.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-pwfc-n1q7-b7e4 |
|
| 35 |
| url |
VCID-r8j4-1ux4-6ycy |
| vulnerability_id |
VCID-r8j4-1ux4-6ycy |
| summary |
Insufficient input validation in the Git repository integration of Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows Redmine users to read arbitrary local files accessible by the application server process. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-31863 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0079 |
| scoring_system |
epss |
| scoring_elements |
0.73909 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.0079 |
| scoring_system |
epss |
| scoring_elements |
0.73819 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.0079 |
| scoring_system |
epss |
| scoring_elements |
0.73828 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.0079 |
| scoring_system |
epss |
| scoring_elements |
0.73853 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.0079 |
| scoring_system |
epss |
| scoring_elements |
0.73824 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.0079 |
| scoring_system |
epss |
| scoring_elements |
0.73858 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.0079 |
| scoring_system |
epss |
| scoring_elements |
0.73871 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.0079 |
| scoring_system |
epss |
| scoring_elements |
0.73893 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.0079 |
| scoring_system |
epss |
| scoring_elements |
0.73874 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.0079 |
| scoring_system |
epss |
| scoring_elements |
0.73866 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.0079 |
| scoring_system |
epss |
| scoring_elements |
0.73908 |
| published_at |
2026-04-16T12:55:00Z |
|
| 11 |
| value |
0.0079 |
| scoring_system |
epss |
| scoring_elements |
0.73917 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-31863 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-31863
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-r8j4-1ux4-6ycy |
|
| 36 |
| url |
VCID-rf3d-ve7z-53ek |
| vulnerability_id |
VCID-rf3d-ve7z-53ek |
| summary |
security update |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-15570 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00517 |
| scoring_system |
epss |
| scoring_elements |
0.66739 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00517 |
| scoring_system |
epss |
| scoring_elements |
0.66754 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00517 |
| scoring_system |
epss |
| scoring_elements |
0.66626 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00517 |
| scoring_system |
epss |
| scoring_elements |
0.66666 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00517 |
| scoring_system |
epss |
| scoring_elements |
0.66693 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00517 |
| scoring_system |
epss |
| scoring_elements |
0.66665 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00517 |
| scoring_system |
epss |
| scoring_elements |
0.66715 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00517 |
| scoring_system |
epss |
| scoring_elements |
0.6673 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00517 |
| scoring_system |
epss |
| scoring_elements |
0.66749 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00517 |
| scoring_system |
epss |
| scoring_elements |
0.66736 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00517 |
| scoring_system |
epss |
| scoring_elements |
0.66707 |
| published_at |
2026-04-13T12:55:00Z |
|
| 11 |
| value |
0.00517 |
| scoring_system |
epss |
| scoring_elements |
0.6674 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-15570 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
| 22 |
|
| 23 |
|
| 24 |
|
| 25 |
|
| 26 |
|
| 27 |
|
| 28 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-15570
|
| risk_score |
2.8 |
| exploitability |
0.5 |
| weighted_severity |
5.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rf3d-ve7z-53ek |
|
| 37 |
| url |
VCID-rhz3-bz8y-p7an |
| vulnerability_id |
VCID-rhz3-bz8y-p7an |
| summary |
Redmine before 4.0.7 and 4.1.x before 4.1.1 allows attackers to discover the subject of a non-visible issue by performing a CSV export and reading time entries. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-36308 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0045 |
| scoring_system |
epss |
| scoring_elements |
0.63565 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.0045 |
| scoring_system |
epss |
| scoring_elements |
0.63625 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.0045 |
| scoring_system |
epss |
| scoring_elements |
0.63651 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.0045 |
| scoring_system |
epss |
| scoring_elements |
0.63611 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.0045 |
| scoring_system |
epss |
| scoring_elements |
0.63663 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.0045 |
| scoring_system |
epss |
| scoring_elements |
0.63679 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.0045 |
| scoring_system |
epss |
| scoring_elements |
0.63694 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0045 |
| scoring_system |
epss |
| scoring_elements |
0.63645 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.0045 |
| scoring_system |
epss |
| scoring_elements |
0.63682 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.0045 |
| scoring_system |
epss |
| scoring_elements |
0.63692 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.0045 |
| scoring_system |
epss |
| scoring_elements |
0.63675 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-36308 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-36308
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-rhz3-bz8y-p7an |
|
| 38 |
| url |
VCID-sw97-t1zg-13b1 |
| vulnerability_id |
VCID-sw97-t1zg-13b1 |
| summary |
Redmine before 4.0.7 and 4.1.x before 4.1.1 has XSS via the back_url field. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2020-36306 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56558 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56654 |
| published_at |
2026-04-07T12:55:00Z |
|
| 2 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56675 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56706 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.5671 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56719 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56694 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56673 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56704 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56702 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.00339 |
| scoring_system |
epss |
| scoring_elements |
0.56674 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2020-36306 |
|
|
| fixed_packages |
|
| aliases |
CVE-2020-36306
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-sw97-t1zg-13b1 |
|
| 39 |
| url |
VCID-tfsu-xjfx-1qfs |
| vulnerability_id |
VCID-tfsu-xjfx-1qfs |
| summary |
security update |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-15575 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00717 |
| scoring_system |
epss |
| scoring_elements |
0.72436 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00717 |
| scoring_system |
epss |
| scoring_elements |
0.72448 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00717 |
| scoring_system |
epss |
| scoring_elements |
0.72352 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00717 |
| scoring_system |
epss |
| scoring_elements |
0.72358 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00717 |
| scoring_system |
epss |
| scoring_elements |
0.72376 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00717 |
| scoring_system |
epss |
| scoring_elements |
0.72353 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00717 |
| scoring_system |
epss |
| scoring_elements |
0.72392 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00717 |
| scoring_system |
epss |
| scoring_elements |
0.72404 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00717 |
| scoring_system |
epss |
| scoring_elements |
0.72428 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00717 |
| scoring_system |
epss |
| scoring_elements |
0.72411 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00717 |
| scoring_system |
epss |
| scoring_elements |
0.72398 |
| published_at |
2026-04-13T12:55:00Z |
|
| 11 |
| value |
0.00717 |
| scoring_system |
epss |
| scoring_elements |
0.72439 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-15575 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-15575
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tfsu-xjfx-1qfs |
|
| 40 |
| url |
VCID-tu21-t1wh-zuev |
| vulnerability_id |
VCID-tu21-t1wh-zuev |
| summary |
Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS via thumbnails. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-47260 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00542 |
| scoring_system |
epss |
| scoring_elements |
0.67713 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00542 |
| scoring_system |
epss |
| scoring_elements |
0.67641 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00542 |
| scoring_system |
epss |
| scoring_elements |
0.67662 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00542 |
| scoring_system |
epss |
| scoring_elements |
0.67642 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00542 |
| scoring_system |
epss |
| scoring_elements |
0.67693 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00542 |
| scoring_system |
epss |
| scoring_elements |
0.67708 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00542 |
| scoring_system |
epss |
| scoring_elements |
0.67731 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00542 |
| scoring_system |
epss |
| scoring_elements |
0.67716 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00542 |
| scoring_system |
epss |
| scoring_elements |
0.67683 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00542 |
| scoring_system |
epss |
| scoring_elements |
0.67719 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00542 |
| scoring_system |
epss |
| scoring_elements |
0.67732 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-47260 |
|
| 1 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-47260
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tu21-t1wh-zuev |
|
| 41 |
| url |
VCID-tx8x-3rud-ykby |
| vulnerability_id |
VCID-tx8x-3rud-ykby |
| summary |
Cross-site scripting (XSS) vulnerability in Redmine before 1.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2012-0327 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00359 |
| scoring_system |
epss |
| scoring_elements |
0.57975 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00359 |
| scoring_system |
epss |
| scoring_elements |
0.5806 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00359 |
| scoring_system |
epss |
| scoring_elements |
0.58082 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00359 |
| scoring_system |
epss |
| scoring_elements |
0.58056 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00359 |
| scoring_system |
epss |
| scoring_elements |
0.58111 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00359 |
| scoring_system |
epss |
| scoring_elements |
0.58115 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00359 |
| scoring_system |
epss |
| scoring_elements |
0.58131 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00359 |
| scoring_system |
epss |
| scoring_elements |
0.58108 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00359 |
| scoring_system |
epss |
| scoring_elements |
0.58087 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00359 |
| scoring_system |
epss |
| scoring_elements |
0.58118 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00359 |
| scoring_system |
epss |
| scoring_elements |
0.58119 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00359 |
| scoring_system |
epss |
| scoring_elements |
0.58094 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2012-0327 |
|
|
| fixed_packages |
|
| aliases |
CVE-2012-0327
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-tx8x-3rud-ykby |
|
| 42 |
| url |
VCID-u87x-ypam-zyft |
| vulnerability_id |
VCID-u87x-ypam-zyft |
| summary |
security update |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-15572 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00583 |
| scoring_system |
epss |
| scoring_elements |
0.68991 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00583 |
| scoring_system |
epss |
| scoring_elements |
0.69011 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00583 |
| scoring_system |
epss |
| scoring_elements |
0.68895 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00583 |
| scoring_system |
epss |
| scoring_elements |
0.68912 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00583 |
| scoring_system |
epss |
| scoring_elements |
0.68933 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00583 |
| scoring_system |
epss |
| scoring_elements |
0.68913 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00583 |
| scoring_system |
epss |
| scoring_elements |
0.68963 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00583 |
| scoring_system |
epss |
| scoring_elements |
0.68982 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00583 |
| scoring_system |
epss |
| scoring_elements |
0.69004 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00583 |
| scoring_system |
epss |
| scoring_elements |
0.68989 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00583 |
| scoring_system |
epss |
| scoring_elements |
0.6896 |
| published_at |
2026-04-13T12:55:00Z |
|
| 11 |
| value |
0.00583 |
| scoring_system |
epss |
| scoring_elements |
0.69001 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-15572 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-15572
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-u87x-ypam-zyft |
|
| 43 |
| url |
VCID-vbfb-96wd-wbbb |
| vulnerability_id |
VCID-vbfb-96wd-wbbb |
| summary |
security update |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2019-18890 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.27968 |
| scoring_system |
epss |
| scoring_elements |
0.96482 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.27968 |
| scoring_system |
epss |
| scoring_elements |
0.9648 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.27968 |
| scoring_system |
epss |
| scoring_elements |
0.96435 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.27968 |
| scoring_system |
epss |
| scoring_elements |
0.96442 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.27968 |
| scoring_system |
epss |
| scoring_elements |
0.96447 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.27968 |
| scoring_system |
epss |
| scoring_elements |
0.9645 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.27968 |
| scoring_system |
epss |
| scoring_elements |
0.96458 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.27968 |
| scoring_system |
epss |
| scoring_elements |
0.96461 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.27968 |
| scoring_system |
epss |
| scoring_elements |
0.96466 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.27968 |
| scoring_system |
epss |
| scoring_elements |
0.96469 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.27968 |
| scoring_system |
epss |
| scoring_elements |
0.96476 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2019-18890 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
|
| fixed_packages |
|
| aliases |
CVE-2019-18890
|
| risk_score |
3.0 |
| exploitability |
0.5 |
| weighted_severity |
5.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vbfb-96wd-wbbb |
|
| 44 |
| url |
VCID-vhnh-w8j2-muhy |
| vulnerability_id |
VCID-vhnh-w8j2-muhy |
| summary |
Multiple cross-site scripting (XSS) vulnerabilities in Redmine 0.8.5 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2009-4078 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00705 |
| scoring_system |
epss |
| scoring_elements |
0.72055 |
| published_at |
2026-04-01T12:55:00Z |
|
| 1 |
| value |
0.00705 |
| scoring_system |
epss |
| scoring_elements |
0.72062 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00705 |
| scoring_system |
epss |
| scoring_elements |
0.72082 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00705 |
| scoring_system |
epss |
| scoring_elements |
0.72059 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00705 |
| scoring_system |
epss |
| scoring_elements |
0.72096 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00705 |
| scoring_system |
epss |
| scoring_elements |
0.72108 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00705 |
| scoring_system |
epss |
| scoring_elements |
0.7213 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00705 |
| scoring_system |
epss |
| scoring_elements |
0.72115 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00705 |
| scoring_system |
epss |
| scoring_elements |
0.72101 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00705 |
| scoring_system |
epss |
| scoring_elements |
0.72141 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00705 |
| scoring_system |
epss |
| scoring_elements |
0.72149 |
| published_at |
2026-04-18T12:55:00Z |
|
| 11 |
| value |
0.00705 |
| scoring_system |
epss |
| scoring_elements |
0.72135 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2009-4078 |
|
|
| fixed_packages |
|
| aliases |
CVE-2009-4078
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-vhnh-w8j2-muhy |
|
| 45 |
| url |
VCID-x6m2-rpuj-cbdx |
| vulnerability_id |
VCID-x6m2-rpuj-cbdx |
| summary |
security update |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2017-15577 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67553 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67575 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67451 |
| published_at |
2026-04-01T12:55:00Z |
|
| 3 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67487 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67508 |
| published_at |
2026-04-04T12:55:00Z |
|
| 5 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67486 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67537 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67552 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67574 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.6756 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67527 |
| published_at |
2026-04-13T12:55:00Z |
|
| 11 |
| value |
0.00537 |
| scoring_system |
epss |
| scoring_elements |
0.67562 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2017-15577 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
| 21 |
|
|
| fixed_packages |
|
| aliases |
CVE-2017-15577
|
| risk_score |
3.4 |
| exploitability |
0.5 |
| weighted_severity |
6.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-x6m2-rpuj-cbdx |
|
| 46 |
| url |
VCID-yjxe-atwc-6yec |
| vulnerability_id |
VCID-yjxe-atwc-6yec |
| summary |
Redmine 4.1.x before 4.1.2 allows XSS because an issue's subject is mishandled in the auto complete tip. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29274 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00323 |
| scoring_system |
epss |
| scoring_elements |
0.55386 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00323 |
| scoring_system |
epss |
| scoring_elements |
0.55244 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00323 |
| scoring_system |
epss |
| scoring_elements |
0.55343 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00323 |
| scoring_system |
epss |
| scoring_elements |
0.55368 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00323 |
| scoring_system |
epss |
| scoring_elements |
0.55346 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00323 |
| scoring_system |
epss |
| scoring_elements |
0.55396 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00323 |
| scoring_system |
epss |
| scoring_elements |
0.55407 |
| published_at |
2026-04-18T12:55:00Z |
|
| 7 |
| value |
0.00323 |
| scoring_system |
epss |
| scoring_elements |
0.55385 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00323 |
| scoring_system |
epss |
| scoring_elements |
0.55367 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00323 |
| scoring_system |
epss |
| scoring_elements |
0.55402 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-29274 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-29274
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-yjxe-atwc-6yec |
|
| 47 |
| url |
VCID-zbef-znuk-eqhr |
| vulnerability_id |
VCID-zbef-znuk-eqhr |
| summary |
Redmine before 4.0.8 and 4.1.x before 4.1.2 allows attackers to discover the names of private projects if issue-journal details exist that have changes to project_id values. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2021-30163 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00495 |
| scoring_system |
epss |
| scoring_elements |
0.65812 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00495 |
| scoring_system |
epss |
| scoring_elements |
0.65678 |
| published_at |
2026-04-01T12:55:00Z |
|
| 2 |
| value |
0.00495 |
| scoring_system |
epss |
| scoring_elements |
0.65728 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.00495 |
| scoring_system |
epss |
| scoring_elements |
0.65758 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.00495 |
| scoring_system |
epss |
| scoring_elements |
0.65723 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.00495 |
| scoring_system |
epss |
| scoring_elements |
0.65776 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.00495 |
| scoring_system |
epss |
| scoring_elements |
0.65787 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.00495 |
| scoring_system |
epss |
| scoring_elements |
0.65807 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00495 |
| scoring_system |
epss |
| scoring_elements |
0.65793 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.00495 |
| scoring_system |
epss |
| scoring_elements |
0.65763 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.00495 |
| scoring_system |
epss |
| scoring_elements |
0.65798 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2021-30163 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2021-30163
|
| risk_score |
4.5 |
| exploitability |
0.5 |
| weighted_severity |
9.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zbef-znuk-eqhr |
|
| 48 |
| url |
VCID-zkv4-be7g-1uck |
| vulnerability_id |
VCID-zkv4-be7g-1uck |
| summary |
Unspecified vulnerability in the bazaar repository adapter in Redmine 0.9.x and 1.0.x before 1.0.5 allows remote attackers to execute arbitrary commands via unknown vectors. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2011-4929 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.73607 |
| scoring_system |
epss |
| scoring_elements |
0.98817 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.73607 |
| scoring_system |
epss |
| scoring_elements |
0.98797 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.73607 |
| scoring_system |
epss |
| scoring_elements |
0.988 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.73607 |
| scoring_system |
epss |
| scoring_elements |
0.98804 |
| published_at |
2026-04-09T12:55:00Z |
|
| 4 |
| value |
0.73607 |
| scoring_system |
epss |
| scoring_elements |
0.98805 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.73607 |
| scoring_system |
epss |
| scoring_elements |
0.98807 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.73607 |
| scoring_system |
epss |
| scoring_elements |
0.98808 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.73607 |
| scoring_system |
epss |
| scoring_elements |
0.98809 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.73607 |
| scoring_system |
epss |
| scoring_elements |
0.98813 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.73607 |
| scoring_system |
epss |
| scoring_elements |
0.98814 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2011-4929 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
| 5 |
|
| 6 |
|
| 7 |
|
| 8 |
|
| 9 |
|
| 10 |
|
| 11 |
|
| 12 |
|
| 13 |
|
| 14 |
|
| 15 |
|
| 16 |
|
| 17 |
|
| 18 |
|
| 19 |
|
| 20 |
|
|
| fixed_packages |
|
| aliases |
CVE-2011-4929
|
| risk_score |
null |
| exploitability |
null |
| weighted_severity |
null |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zkv4-be7g-1uck |
|