Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-mv4z-k16a-hfgr
SummaryPuppet Enterprise before 3.7.1 allows remote authenticated users to obtain licensing and certificate signing request information by leveraging access to an unspecified API endpoint.
Aliases
0
alias CVE-2014-9355
Fixed_packages
0
url pkg:deb/debian/puppet@0?distro=bullseye
purl pkg:deb/debian/puppet@0?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/puppet@0%3Fdistro=bullseye
1
url pkg:deb/debian/puppet@5.5.22-2?distro=bullseye
purl pkg:deb/debian/puppet@5.5.22-2?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/puppet@5.5.22-2%3Fdistro=bullseye
Affected_packages
References
0
reference_url http://puppetlabs.com/security/cve/cve-2014-9355
reference_id
reference_type
scores
url http://puppetlabs.com/security/cve/cve-2014-9355
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-9355
reference_id
reference_type
scores
0
value 0.00095
scoring_system epss
scoring_elements 0.26253
published_at 2026-04-21T12:55:00Z
1
value 0.00095
scoring_system epss
scoring_elements 0.26415
published_at 2026-04-01T12:55:00Z
2
value 0.00095
scoring_system epss
scoring_elements 0.26465
published_at 2026-04-02T12:55:00Z
3
value 0.00095
scoring_system epss
scoring_elements 0.26509
published_at 2026-04-04T12:55:00Z
4
value 0.00095
scoring_system epss
scoring_elements 0.26284
published_at 2026-04-07T12:55:00Z
5
value 0.00095
scoring_system epss
scoring_elements 0.26352
published_at 2026-04-08T12:55:00Z
6
value 0.00095
scoring_system epss
scoring_elements 0.26402
published_at 2026-04-09T12:55:00Z
7
value 0.00095
scoring_system epss
scoring_elements 0.26411
published_at 2026-04-11T12:55:00Z
8
value 0.00095
scoring_system epss
scoring_elements 0.26364
published_at 2026-04-12T12:55:00Z
9
value 0.00095
scoring_system epss
scoring_elements 0.26306
published_at 2026-04-13T12:55:00Z
10
value 0.00095
scoring_system epss
scoring_elements 0.26316
published_at 2026-04-16T12:55:00Z
11
value 0.00095
scoring_system epss
scoring_elements 0.26289
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-9355
2
reference_url http://secunia.com/advisories/61265
reference_id
reference_type
scores
url http://secunia.com/advisories/61265
3
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:puppet:puppet_enterprise:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:puppet:puppet_enterprise:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:puppet:puppet_enterprise:*:*:*:*:*:*:*:*
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-9355
reference_id CVE-2014-9355
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2014-9355
Weaknesses
0
cwe_id 200
name Exposure of Sensitive Information to an Unauthorized Actor
description The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Exploits
Severity_range_score4.0 - 4.0
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-mv4z-k16a-hfgr