Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/7216?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/7216?format=api", "vulnerability_id": "VCID-5z59-jfr9-y3hj", "summary": "The Execute class in shellutils in logilab-commons before 0.61.0 uses tempfile.mktemp, which allows local users to have an unspecified impact by pre-creating the temporary file.", "aliases": [ { "alias": "CVE-2014-1839" }, { "alias": "GHSA-g5m2-22h2-rr3j" }, { "alias": "PYSEC-2014-84" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/196468?format=api", "purl": "pkg:deb/debian/logilab-common@0.61.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/logilab-common@0.61.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196469?format=api", "purl": "pkg:deb/debian/logilab-common@1.8.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/logilab-common@1.8.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196467?format=api", "purl": "pkg:deb/debian/logilab-common@1.9.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/logilab-common@1.9.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196471?format=api", "purl": "pkg:deb/debian/logilab-common@2.1.0-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/logilab-common@2.1.0-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/196470?format=api", "purl": "pkg:deb/debian/logilab-common@2.1.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/logilab-common@2.1.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/6736?format=api", "purl": "pkg:pypi/logilab-common@0.60.1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.60.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/61943?format=api", "purl": "pkg:pypi/logilab-common@0.61.0", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.61.0" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/6703?format=api", "purl": "pkg:pypi/logilab-common@0.28.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.28.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/6704?format=api", "purl": "pkg:pypi/logilab-common@0.38.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.38.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/6705?format=api", "purl": "pkg:pypi/logilab-common@0.38.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.38.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/6706?format=api", "purl": "pkg:pypi/logilab-common@0.39.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.39.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/6707?format=api", "purl": "pkg:pypi/logilab-common@0.43.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.43.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/6708?format=api", "purl": "pkg:pypi/logilab-common@0.44.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.44.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/6709?format=api", "purl": "pkg:pypi/logilab-common@0.46.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.46.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/6710?format=api", "purl": "pkg:pypi/logilab-common@0.46.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.46.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/6711?format=api", "purl": "pkg:pypi/logilab-common@0.47.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.47.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/6712?format=api", "purl": "pkg:pypi/logilab-common@0.48.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.48.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/6713?format=api", "purl": "pkg:pypi/logilab-common@0.49.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.49.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/6714?format=api", "purl": "pkg:pypi/logilab-common@0.50.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.50.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/6715?format=api", "purl": "pkg:pypi/logilab-common@0.50.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.50.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/6716?format=api", "purl": "pkg:pypi/logilab-common@0.50.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.50.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/6717?format=api", "purl": "pkg:pypi/logilab-common@0.50.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.50.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/6718?format=api", "purl": "pkg:pypi/logilab-common@0.51.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.51.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/6719?format=api", "purl": "pkg:pypi/logilab-common@0.51.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.51.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/6720?format=api", "purl": "pkg:pypi/logilab-common@0.52.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.52.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/6721?format=api", "purl": "pkg:pypi/logilab-common@0.52.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.52.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/6722?format=api", "purl": "pkg:pypi/logilab-common@0.53.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.53.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/6723?format=api", "purl": "pkg:pypi/logilab-common@0.54.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.54.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/6724?format=api", "purl": "pkg:pypi/logilab-common@0.55.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.55.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/6725?format=api", "purl": "pkg:pypi/logilab-common@0.55.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.55.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/6726?format=api", "purl": "pkg:pypi/logilab-common@0.56.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.56.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/6727?format=api", "purl": "pkg:pypi/logilab-common@0.56.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.56.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/6728?format=api", "purl": "pkg:pypi/logilab-common@0.56.2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.56.2" }, { "url": "http://public2.vulnerablecode.io/api/packages/6729?format=api", "purl": "pkg:pypi/logilab-common@0.57.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.57.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/6730?format=api", "purl": "pkg:pypi/logilab-common@0.57.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.57.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/6731?format=api", "purl": "pkg:pypi/logilab-common@0.58.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.58.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/6732?format=api", "purl": "pkg:pypi/logilab-common@0.58.3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.58.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/6733?format=api", "purl": "pkg:pypi/logilab-common@0.59.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.59.0" }, { "url": "http://public2.vulnerablecode.io/api/packages/6734?format=api", "purl": "pkg:pypi/logilab-common@0.59.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.59.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/6735?format=api", "purl": "pkg:pypi/logilab-common@0.60.0", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-4tzc-1ykk-uydm" }, { "vulnerability": "VCID-5z59-jfr9-y3hj" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:pypi/logilab-common@0.60.0" } ], "references": [ { "reference_url": "http://comments.gmane.org/gmane.comp.security.oss.general/11986", "reference_id": "", "reference_type": "", "scores": [], "url": "http://comments.gmane.org/gmane.comp.security.oss.general/11986" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00085.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2014-02/msg00085.html" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1839", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00061", "scoring_system": "epss", "scoring_elements": "0.19397", "published_at": "2026-05-30T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1839" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737051", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737051" }, { "reference_url": "http://secunia.com/advisories/57209", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/57209" }, { "reference_url": "https://github.com/advisories/GHSA-g5m2-22h2-rr3j", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-g5m2-22h2-rr3j" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/logilab-common/PYSEC-2014-84.yaml", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/logilab-common/PYSEC-2014-84.yaml" }, { "reference_url": "http://www.logilab.org/ticket/207562", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.logilab.org/ticket/207562" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1839", "reference_id": "CVE-2014-1839", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-1839" } ], "weaknesses": [ { "cwe_id": 378, "name": "Creation of Temporary File With Insecure Permissions", "description": "Opening temporary files without appropriate measures or controls can leave the file, its contents and any function that it impacts vulnerable to attack." }, { "cwe_id": 937, "name": "OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013." }, { "cwe_id": 1035, "name": "OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities", "description": "Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017." } ], "exploits": [], "severity_range_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5z59-jfr9-y3hj" }