Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/ansible@2.9.13-1?arch=el8ae
Typerpm
Namespaceredhat
Nameansible
Version2.9.13-1
Qualifiers
arch el8ae
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-jrxz-b168-7ug4
vulnerability_id VCID-jrxz-b168-7ug4
summary A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation even when disable_gpg_check is set to False, which is the default behavior. This flaw leads to malicious packages being installed on the system and arbitrary code executed via package installation scripts. The highest threat from this vulnerability is to integrity and system availability.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14365.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14365.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14365
reference_id
reference_type
scores
0
value 0.0007
scoring_system epss
scoring_elements 0.21573
published_at 2026-04-16T12:55:00Z
1
value 0.0007
scoring_system epss
scoring_elements 0.21575
published_at 2026-04-13T12:55:00Z
2
value 0.0007
scoring_system epss
scoring_elements 0.21632
published_at 2026-04-12T12:55:00Z
3
value 0.0007
scoring_system epss
scoring_elements 0.2167
published_at 2026-04-11T12:55:00Z
4
value 0.0007
scoring_system epss
scoring_elements 0.21658
published_at 2026-04-09T12:55:00Z
5
value 0.0007
scoring_system epss
scoring_elements 0.216
published_at 2026-04-08T12:55:00Z
6
value 0.0007
scoring_system epss
scoring_elements 0.21524
published_at 2026-04-07T12:55:00Z
7
value 0.0007
scoring_system epss
scoring_elements 0.21774
published_at 2026-04-04T12:55:00Z
8
value 0.0007
scoring_system epss
scoring_elements 0.21718
published_at 2026-04-02T12:55:00Z
9
value 0.0007
scoring_system epss
scoring_elements 0.21548
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14365
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1869154
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1869154
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10156
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10206
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14846
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14864
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14904
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10684
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10685
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10729
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14330
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14332
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14365
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1733
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1735
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1739
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1740
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1746
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1753
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20228
21
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
22
reference_url https://github.com/advisories/GHSA-m429-fhmv-c6q2
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-m429-fhmv-c6q2
23
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
24
reference_url https://github.com/ansible/ansible/commit/1d043e082b3b1f3ad35c803137f5d3bcbae92275
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/1d043e082b3b1f3ad35c803137f5d3bcbae92275
25
reference_url https://github.com/ansible/ansible/commit/1fa2d5fd6b768120b76a77929e27302b06accc0c
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/1fa2d5fd6b768120b76a77929e27302b06accc0c
26
reference_url https://github.com/ansible/ansible/commit/9bea33ffa3be3d64827f59882d95b817cfab9b7e
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/9bea33ffa3be3d64827f59882d95b817cfab9b7e
27
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-209.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2020-209.yaml
28
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-14365
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-14365
29
reference_url https://www.debian.org/security/2021/dsa-4950
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4950
30
reference_url https://access.redhat.com/errata/RHSA-2020:3600
reference_id RHSA-2020:3600
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3600
31
reference_url https://access.redhat.com/errata/RHSA-2020:3601
reference_id RHSA-2020:3601
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3601
32
reference_url https://access.redhat.com/errata/RHSA-2020:3602
reference_id RHSA-2020:3602
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3602
fixed_packages
aliases CVE-2020-14365, GHSA-m429-fhmv-c6q2, PYSEC-2020-209
risk_score 3.2
exploitability 0.5
weighted_severity 6.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jrxz-b168-7ug4
Fixing_vulnerabilities
Risk_score3.2
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ansible@2.9.13-1%3Farch=el8ae