Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/python2.7@2.7.9-2

Type deb

Namespace debian

Name python2.7

Version 2.7.9-2

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 2.7.18-8+deb11u1

Latest_non_vulnerable_version 2.7.18-8+deb11u1

Affected_by_vulnerabilities

url VCID-1taa-a9e4-tbc5

vulnerability_id VCID-1taa-a9e4-tbc5

summary python: regression of CVE-2019-9636 due to functional fix to allow port numbers in netloc

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10160.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10160.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-10160

reference_id

reference_type

scores

value	0.01305
scoring_system	epss
scoring_elements	0.79716
published_at	2026-04-01T12:55:00Z

value	0.01305
scoring_system	epss
scoring_elements	0.79723
published_at	2026-04-02T12:55:00Z

value	0.01305
scoring_system	epss
scoring_elements	0.79745
published_at	2026-04-04T12:55:00Z

value	0.01305
scoring_system	epss
scoring_elements	0.7973
published_at	2026-04-07T12:55:00Z

value	0.01305
scoring_system	epss
scoring_elements	0.79759
published_at	2026-04-08T12:55:00Z

value	0.01305
scoring_system	epss
scoring_elements	0.79766
published_at	2026-04-09T12:55:00Z

value	0.01305
scoring_system	epss
scoring_elements	0.79788
published_at	2026-04-11T12:55:00Z

value	0.01763
scoring_system	epss
scoring_elements	0.82614
published_at	2026-04-13T12:55:00Z

value	0.01763
scoring_system	epss
scoring_elements	0.82619
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-10160

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10160
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10160

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1718388
reference_id	1718388
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1718388

reference_url	https://access.redhat.com/errata/RHSA-2019:1587
reference_id	RHSA-2019:1587
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1587

reference_url	https://access.redhat.com/errata/RHSA-2019:1700
reference_id	RHSA-2019:1700
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1700

reference_url	https://access.redhat.com/errata/RHSA-2019:2437
reference_id	RHSA-2019:2437
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2437

reference_url	https://usn.ubuntu.com/4127-1/
reference_id	USN-4127-1
reference_type
scores
url	https://usn.ubuntu.com/4127-1/

reference_url	https://usn.ubuntu.com/4127-2/
reference_id	USN-4127-2
reference_type
scores
url	https://usn.ubuntu.com/4127-2/

reference_url	https://usn.ubuntu.com/6891-1/
reference_id	USN-6891-1
reference_type
scores
url	https://usn.ubuntu.com/6891-1/

fixed_packages

url	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
purl	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1

aliases CVE-2019-10160

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1taa-a9e4-tbc5

url VCID-2czu-wy37-qugf

vulnerability_id VCID-2czu-wy37-qugf

summary python: constant-time-defeating optimisations issue in the compare_digest function in Lib/hmac.p

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48566.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48566.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-48566

reference_id

reference_type

scores

value	0.00098
scoring_system	epss
scoring_elements	0.2714
published_at	2026-04-02T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26984
published_at	2026-04-13T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.26968
published_at	2026-04-07T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27036
published_at	2026-04-08T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27081
published_at	2026-04-09T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27085
published_at	2026-04-11T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.2704
published_at	2026-04-12T12:55:00Z

value	0.00098
scoring_system	epss
scoring_elements	0.27176
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-48566

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48566
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48566

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2238753
reference_id	2238753
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2238753

reference_url

https://bugs.python.org/issue40791

reference_id

issue40791

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:08:27Z/

url

https://bugs.python.org/issue40791

reference_url

https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html

reference_id

msg00017.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:08:27Z/

url

https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html

reference_id

msg00022.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:08:27Z/

url

https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html

reference_url

https://security.netapp.com/advisory/ntap-20231006-0013/

reference_id

ntap-20231006-0013

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:08:27Z/

url

https://security.netapp.com/advisory/ntap-20231006-0013/

reference_url	https://usn.ubuntu.com/6400-1/
reference_id	USN-6400-1
reference_type
scores
url	https://usn.ubuntu.com/6400-1/

reference_url	https://usn.ubuntu.com/6891-1/
reference_id	USN-6891-1
reference_type
scores
url	https://usn.ubuntu.com/6891-1/

reference_url	https://usn.ubuntu.com/7180-1/
reference_id	USN-7180-1
reference_type
scores
url	https://usn.ubuntu.com/7180-1/

fixed_packages

url	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
purl	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1

aliases CVE-2022-48566

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2czu-wy37-qugf

url VCID-2shb-2cvn-dyd2

vulnerability_id VCID-2shb-2cvn-dyd2

summary Multiple vulberabilities have been discovered in Python and PyPy3, the worst of which can lead to privilege escalation.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24329.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24329.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-24329

reference_id

reference_type

scores

value	0.01445
scoring_system	epss
scoring_elements	0.80742
published_at	2026-04-13T12:55:00Z

value	0.01445
scoring_system	epss
scoring_elements	0.8075
published_at	2026-04-12T12:55:00Z

value	0.0159
scoring_system	epss
scoring_elements	0.81602
published_at	2026-04-04T12:55:00Z

value	0.0159
scoring_system	epss
scoring_elements	0.81581
published_at	2026-04-02T12:55:00Z

value	0.0159
scoring_system	epss
scoring_elements	0.81653
published_at	2026-04-11T12:55:00Z

value	0.0159
scoring_system	epss
scoring_elements	0.81633
published_at	2026-04-09T12:55:00Z

value	0.0159
scoring_system	epss
scoring_elements	0.81627
published_at	2026-04-08T12:55:00Z

value	0.0159
scoring_system	epss
scoring_elements	0.816
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-24329

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24329
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24329

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://github.com/python/cpython/issues/102153

reference_id

102153

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/

url

https://github.com/python/cpython/issues/102153

reference_url

https://www.kb.cert.org/vuls/id/127587

reference_id

127587

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/

url

https://www.kb.cert.org/vuls/id/127587

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2173917
reference_id	2173917
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2173917

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6PEVICI7YNGGMSL3UCMWGE66QFLATH72/

reference_id

6PEVICI7YNGGMSL3UCMWGE66QFLATH72

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6PEVICI7YNGGMSL3UCMWGE66QFLATH72/

reference_url

https://github.com/python/cpython/pull/99421

reference_id

99421

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/

url

https://github.com/python/cpython/pull/99421

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO/

reference_id

DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DSL6NSOAXWBJJ67XPLSSC74MNKZF3BBO/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G/

reference_id

EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EM2XLZSTXG44TMFXF4E6VTGKR2MQCW3G/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG/

reference_id

F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F2NY75GFDZ5T6YPN44D3VMFT5SUVTOTG/

reference_url	https://security.gentoo.org/glsa/202405-01
reference_id	GLSA-202405-01
reference_type
scores
url	https://security.gentoo.org/glsa/202405-01

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN/

reference_id

GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GR5US3BYILYJ4SKBV6YBNPRUBAL5P2CN/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7/

reference_id

H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H23OSKC6UG6IWOQAUPW74YUHWRWVXJP7/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA/

reference_id

JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JZTLGV2HYFF4AMYJL25VDIGAIHCU7UPA/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T/

reference_id

LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LWC4WGXER5P6Q75RFGL7QUTPP3N5JR7T/

reference_url

https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html

reference_id

msg00022.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/

url

https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP/

reference_id

MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZEHSXSCMA4WWQKXT6QV7AAR6SWNZ2VP/

reference_url

https://security.netapp.com/advisory/ntap-20230324-0004/

reference_id

ntap-20230324-0004

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/

url

https://security.netapp.com/advisory/ntap-20230324-0004/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR/

reference_id

O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O5SP4RT3RRS434ZS2HQKQJ3VZW7YPKYR/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR/

reference_id

OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OHHJHJRLEF3TDT2K3676CAUVRDD4CCMR/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI/

reference_id

PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEUN6T22UJFXR7J5F6UUHCXXPKJ2DVHI/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44/

reference_id

PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PURM5CFDABEWAIWZFD2MQ7ZJGCPYSQ44/

reference_url

https://pointernull.com/security/python-url-parse-problem.html

reference_id

python-url-parse-problem.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/

url

https://pointernull.com/security/python-url-parse-problem.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL/

reference_id

Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q3J5N24ECS4B6MJDRO6UAYU6GPLYBDCL/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4/

reference_id

QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QRQHN7RWJQJHYP6E5EKESOYP5VDSHZG4/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RA2MBEEES6L46OD64OBSVUUMGKNGMOWW/

reference_id

RA2MBEEES6L46OD64OBSVUUMGKNGMOWW

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RA2MBEEES6L46OD64OBSVUUMGKNGMOWW/

reference_url	https://access.redhat.com/errata/RHSA-2023:3550
reference_id	RHSA-2023:3550
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3550

reference_url	https://access.redhat.com/errata/RHSA-2023:3555
reference_id	RHSA-2023:3555
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3555

reference_url	https://access.redhat.com/errata/RHSA-2023:3556
reference_id	RHSA-2023:3556
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3556

reference_url	https://access.redhat.com/errata/RHSA-2023:3585
reference_id	RHSA-2023:3585
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3585

reference_url	https://access.redhat.com/errata/RHSA-2023:3591
reference_id	RHSA-2023:3591
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3591

reference_url	https://access.redhat.com/errata/RHSA-2023:3594
reference_id	RHSA-2023:3594
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3594

reference_url	https://access.redhat.com/errata/RHSA-2023:3595
reference_id	RHSA-2023:3595
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3595

reference_url	https://access.redhat.com/errata/RHSA-2023:3776
reference_id	RHSA-2023:3776
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3776

reference_url	https://access.redhat.com/errata/RHSA-2023:3777
reference_id	RHSA-2023:3777
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3777

reference_url	https://access.redhat.com/errata/RHSA-2023:3780
reference_id	RHSA-2023:3780
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3780

reference_url	https://access.redhat.com/errata/RHSA-2023:3781
reference_id	RHSA-2023:3781
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3781

reference_url	https://access.redhat.com/errata/RHSA-2023:3796
reference_id	RHSA-2023:3796
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3796

reference_url	https://access.redhat.com/errata/RHSA-2023:3810
reference_id	RHSA-2023:3810
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3810

reference_url	https://access.redhat.com/errata/RHSA-2023:3811
reference_id	RHSA-2023:3811
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3811

reference_url	https://access.redhat.com/errata/RHSA-2023:3931
reference_id	RHSA-2023:3931
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3931

reference_url	https://access.redhat.com/errata/RHSA-2023:3932
reference_id	RHSA-2023:3932
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3932

reference_url	https://access.redhat.com/errata/RHSA-2023:3934
reference_id	RHSA-2023:3934
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3934

reference_url	https://access.redhat.com/errata/RHSA-2023:3935
reference_id	RHSA-2023:3935
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3935

reference_url	https://access.redhat.com/errata/RHSA-2023:3936
reference_id	RHSA-2023:3936
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3936

reference_url	https://access.redhat.com/errata/RHSA-2023:4004
reference_id	RHSA-2023:4004
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4004

reference_url	https://access.redhat.com/errata/RHSA-2023:4008
reference_id	RHSA-2023:4008
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4008

reference_url	https://access.redhat.com/errata/RHSA-2023:4032
reference_id	RHSA-2023:4032
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4032

reference_url	https://access.redhat.com/errata/RHSA-2023:4038
reference_id	RHSA-2023:4038
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4038

reference_url	https://access.redhat.com/errata/RHSA-2023:4203
reference_id	RHSA-2023:4203
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4203

reference_url	https://access.redhat.com/errata/RHSA-2023:4282
reference_id	RHSA-2023:4282
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4282

reference_url	https://access.redhat.com/errata/RHSA-2023:6793
reference_id	RHSA-2023:6793
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6793

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ/

reference_id

T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4IDB5OAR5Y4UK3HLMZBW4WEL2B7YFMJ/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG/

reference_id

TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZH26JGNZ5XYPZ5SAU3NKSBSPRE5OHTG/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP/

reference_id

U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U2MZOJYGFCB5PPT6AKMAU72N7QOYWLBP/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC/

reference_id

UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UONZWLB4QVLQIY5CPDLEUEKH6WX4VQMC/

reference_url	https://usn.ubuntu.com/5888-1/
reference_id	USN-5888-1
reference_type
scores
url	https://usn.ubuntu.com/5888-1/

reference_url	https://usn.ubuntu.com/5960-1/
reference_id	USN-5960-1
reference_type
scores
url	https://usn.ubuntu.com/5960-1/

reference_url	https://usn.ubuntu.com/6139-1/
reference_id	USN-6139-1
reference_type
scores
url	https://usn.ubuntu.com/6139-1/

reference_url	https://usn.ubuntu.com/6891-1/
reference_id	USN-6891-1
reference_type
scores
url	https://usn.ubuntu.com/6891-1/

reference_url	https://usn.ubuntu.com/7180-1/
reference_id	USN-7180-1
reference_type
scores
url	https://usn.ubuntu.com/7180-1/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU/

reference_id

WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:25:24Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTOAUJNDWZDRWVSXJ354AYZYKRMT56HU/

fixed_packages

url	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
purl	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1

aliases CVE-2023-24329

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2shb-2cvn-dyd2

url VCID-3mu8-g6x3-effb

vulnerability_id VCID-3mu8-g6x3-effb

summary python: http protocol steam injection attack

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5699.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5699.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-5699

reference_id

reference_type

scores

value	0.35276
scoring_system	epss
scoring_elements	0.97014
published_at	2026-04-01T12:55:00Z

value	0.35276
scoring_system	epss
scoring_elements	0.97021
published_at	2026-04-02T12:55:00Z

value	0.35276
scoring_system	epss
scoring_elements	0.97025
published_at	2026-04-07T12:55:00Z

value	0.35276
scoring_system	epss
scoring_elements	0.97035
published_at	2026-04-08T12:55:00Z

value	0.35276
scoring_system	epss
scoring_elements	0.97036
published_at	2026-04-09T12:55:00Z

value	0.35276
scoring_system	epss
scoring_elements	0.97039
published_at	2026-04-12T12:55:00Z

value	0.35276
scoring_system	epss
scoring_elements	0.9704
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-5699

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5699
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5699

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1303699
reference_id	1303699
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1303699

reference_url	https://access.redhat.com/errata/RHSA-2016:1626
reference_id	RHSA-2016:1626
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1626

reference_url	https://access.redhat.com/errata/RHSA-2016:1627
reference_id	RHSA-2016:1627
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1627

reference_url	https://access.redhat.com/errata/RHSA-2016:1628
reference_id	RHSA-2016:1628
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1628

reference_url	https://access.redhat.com/errata/RHSA-2016:1629
reference_id	RHSA-2016:1629
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1629

reference_url	https://access.redhat.com/errata/RHSA-2016:1630
reference_id	RHSA-2016:1630
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1630

reference_url	https://usn.ubuntu.com/3134-1/
reference_id	USN-3134-1
reference_type
scores
url	https://usn.ubuntu.com/3134-1/

fixed_packages

url pkg:deb/debian/python2.7@2.7.13-2%2Bdeb9u3

purl pkg:deb/debian/python2.7@2.7.13-2%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-4py6-hkzp-v3d4

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-7jat-6ags-qbdr

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gfzb-b7tt-fkgz

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-hcq4-yq9k-jygb

vulnerability	VCID-j9s6-2y47-zbbt

vulnerability	VCID-k18q-3e9y-ykgf

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-wq7w-nrar-ykde

vulnerability	VCID-wxhp-wayg-qbd1

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

vulnerability	VCID-yqm8-fk44-4yhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.13-2%252Bdeb9u3

aliases CVE-2016-5699

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3mu8-g6x3-effb

url VCID-4py6-hkzp-v3d4

vulnerability_id VCID-4py6-hkzp-v3d4

summary security update

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html

reference_url	https://access.redhat.com/errata/RHBA-2019:0327
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHBA-2019:0327

reference_url	https://access.redhat.com/errata/RHSA-2018:3505
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3505

reference_url	https://access.redhat.com/errata/RHSA-2019:1260
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1260

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1060.json

reference_id

reference_type

scores

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1060.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1060

reference_id

reference_type

scores

value	0.00961
scoring_system	epss
scoring_elements	0.76425
published_at	2026-04-01T12:55:00Z

value	0.00961
scoring_system	epss
scoring_elements	0.76458
published_at	2026-04-04T12:55:00Z

value	0.00961
scoring_system	epss
scoring_elements	0.7644
published_at	2026-04-07T12:55:00Z

value	0.00961
scoring_system	epss
scoring_elements	0.76472
published_at	2026-04-08T12:55:00Z

value	0.00961
scoring_system	epss
scoring_elements	0.76486
published_at	2026-04-09T12:55:00Z

value	0.00961
scoring_system	epss
scoring_elements	0.76512
published_at	2026-04-11T12:55:00Z

value	0.00961
scoring_system	epss
scoring_elements	0.76491
published_at	2026-04-12T12:55:00Z

value	0.00961
scoring_system	epss
scoring_elements	0.7643
published_at	2026-04-02T12:55:00Z

value	0.01049
scoring_system	epss
scoring_elements	0.77527
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1060

reference_url	https://bugs.python.org/issue32981
reference_id
reference_type
scores
url	https://bugs.python.org/issue32981

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1060
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1060

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000158
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000158

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647

reference_url	https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-6-release-candidate-1
reference_id
reference_type
scores
url	https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-6-release-candidate-1

reference_url	https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-5-release-candidate-1
reference_id
reference_type
scores
url	https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-5-release-candidate-1

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/

reference_url	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03951en_us
reference_id
reference_type
scores
url	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03951en_us

reference_url	https://www.debian.org/security/2018/dsa-4306
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4306

reference_url	https://www.debian.org/security/2018/dsa-4307
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4307

reference_url	https://www.oracle.com/security-alerts/cpujan2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpujan2020.html

reference_url	http://www.securitytracker.com/id/1042001
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1042001

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1549191
reference_id	1549191
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1549191

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::
reference_id	cpe:2.3:a:python:python::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:3.3:::::::*
reference_id	cpe:2.3:a:redhat:ansible_tower:3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-1060

reference_id

CVE-2018-1060

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	4.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-1060

reference_url	https://access.redhat.com/errata/RHSA-2018:3041
reference_id	RHSA-2018:3041
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3041

reference_url	https://access.redhat.com/errata/RHSA-2019:3725
reference_id	RHSA-2019:3725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3725

reference_url	https://access.redhat.com/errata/RHSA-2020:1268
reference_id	RHSA-2020:1268
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1268

reference_url	https://access.redhat.com/errata/RHSA-2020:1346
reference_id	RHSA-2020:1346
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1346

reference_url	https://usn.ubuntu.com/3817-1/
reference_id	USN-3817-1
reference_type
scores
url	https://usn.ubuntu.com/3817-1/

reference_url	https://usn.ubuntu.com/3817-2/
reference_id	USN-3817-2
reference_type
scores
url	https://usn.ubuntu.com/3817-2/

reference_url	https://usn.ubuntu.com/6891-1/
reference_id	USN-6891-1
reference_type
scores
url	https://usn.ubuntu.com/6891-1/

fixed_packages

url pkg:deb/debian/python2.7@2.7.13-2%2Bdeb9u3

purl pkg:deb/debian/python2.7@2.7.13-2%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-4py6-hkzp-v3d4

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-7jat-6ags-qbdr

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gfzb-b7tt-fkgz

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-hcq4-yq9k-jygb

vulnerability	VCID-j9s6-2y47-zbbt

vulnerability	VCID-k18q-3e9y-ykgf

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-wq7w-nrar-ykde

vulnerability	VCID-wxhp-wayg-qbd1

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

vulnerability	VCID-yqm8-fk44-4yhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.13-2%252Bdeb9u3

url pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1

purl pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.16-2%252Bdeb10u1

aliases CVE-2018-1060

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4py6-hkzp-v3d4

url VCID-4q79-666d-rygx

vulnerability_id VCID-4q79-666d-rygx

summary python: XML External Entity in XML processing plistlib module

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48565.json

reference_id

reference_type

scores

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48565.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-48565

reference_id

reference_type

scores

value	0.07274
scoring_system	epss
scoring_elements	0.91625
published_at	2026-04-02T12:55:00Z

value	0.07274
scoring_system	epss
scoring_elements	0.9166
published_at	2026-04-13T12:55:00Z

value	0.07274
scoring_system	epss
scoring_elements	0.91631
published_at	2026-04-04T12:55:00Z

value	0.07274
scoring_system	epss
scoring_elements	0.91639
published_at	2026-04-07T12:55:00Z

value	0.07274
scoring_system	epss
scoring_elements	0.91651
published_at	2026-04-08T12:55:00Z

value	0.07274
scoring_system	epss
scoring_elements	0.91657
published_at	2026-04-09T12:55:00Z

value	0.07274
scoring_system	epss
scoring_elements	0.91661
published_at	2026-04-11T12:55:00Z

value	0.07274
scoring_system	epss
scoring_elements	0.91663
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-48565

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48565
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48565

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2240059
reference_id	2240059
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2240059

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AFHYAGWBFBNUGWU6XWKBHTCV5NH77MB7/

reference_id

AFHYAGWBFBNUGWU6XWKBHTCV5NH77MB7

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AFHYAGWBFBNUGWU6XWKBHTCV5NH77MB7/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAYWJD576JUKLHCWKDLMJSUGTRDKPF3M/

reference_id

BAYWJD576JUKLHCWKDLMJSUGTRDKPF3M

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAYWJD576JUKLHCWKDLMJSUGTRDKPF3M/

reference_url

https://bugs.python.org/issue42051

reference_id

issue42051

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/

url

https://bugs.python.org/issue42051

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZRZRJHWLZ7MOJNPQBWGJVXMVYDC5BRA/

reference_id

KZRZRJHWLZ7MOJNPQBWGJVXMVYDC5BRA

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KZRZRJHWLZ7MOJNPQBWGJVXMVYDC5BRA/

reference_url

https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html

reference_id

msg00017.html

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/

url

https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html

reference_id

msg00022.html

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/

url

https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html

reference_url

https://security.netapp.com/advisory/ntap-20231006-0007/

reference_id

ntap-20231006-0007

reference_type

scores

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2024-10-03T17:41:12Z/

url

https://security.netapp.com/advisory/ntap-20231006-0007/

reference_url	https://access.redhat.com/errata/RHSA-2024:2987
reference_id	RHSA-2024:2987
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2987

reference_url	https://usn.ubuntu.com/6354-1/
reference_id	USN-6354-1
reference_type
scores
url	https://usn.ubuntu.com/6354-1/

reference_url	https://usn.ubuntu.com/6891-1/
reference_id	USN-6891-1
reference_type
scores
url	https://usn.ubuntu.com/6891-1/

reference_url	https://usn.ubuntu.com/7180-1/
reference_id	USN-7180-1
reference_type
scores
url	https://usn.ubuntu.com/7180-1/

fixed_packages

url	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
purl	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1

aliases CVE-2022-48565

risk_score 3.5

exploitability 0.5

weighted_severity 7.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4q79-666d-rygx

url VCID-4z89-3tfk-pyge

vulnerability_id VCID-4z89-3tfk-pyge

summary Multiple vulberabilities have been discovered in Python and PyPy3, the worst of which can lead to privilege escalation.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40217.json

reference_id

reference_type

scores

value	8.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-40217.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-40217

reference_id

reference_type

scores

value	0.00581
scoring_system	epss
scoring_elements	0.68909
published_at	2026-04-13T12:55:00Z

value	0.00581
scoring_system	epss
scoring_elements	0.68929
published_at	2026-04-09T12:55:00Z

value	0.00581
scoring_system	epss
scoring_elements	0.68952
published_at	2026-04-11T12:55:00Z

value	0.00581
scoring_system	epss
scoring_elements	0.68938
published_at	2026-04-12T12:55:00Z

value	0.00597
scoring_system	epss
scoring_elements	0.69371
published_at	2026-04-08T12:55:00Z

value	0.00597
scoring_system	epss
scoring_elements	0.69324
published_at	2026-04-02T12:55:00Z

value	0.00597
scoring_system	epss
scoring_elements	0.69341
published_at	2026-04-04T12:55:00Z

value	0.00597
scoring_system	epss
scoring_elements	0.69321
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-40217

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40217
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-40217

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2235789
reference_id	2235789
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2235789

reference_url	https://security.gentoo.org/glsa/202405-01
reference_id	GLSA-202405-01
reference_type
scores
url	https://security.gentoo.org/glsa/202405-01

reference_url

https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html

reference_id

msg00017.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T16:31:39Z/

url

https://lists.debian.org/debian-lts-announce/2023/10/msg00017.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html

reference_id

msg00022.html

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T16:31:39Z/

url

https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html

reference_url

https://security.netapp.com/advisory/ntap-20231006-0014/

reference_id

ntap-20231006-0014

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T16:31:39Z/

url

https://security.netapp.com/advisory/ntap-20231006-0014/

reference_url

https://mail.python.org/archives/list/security-announce%40python.org/thread/PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY/

reference_id

PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T16:31:39Z/

url

https://mail.python.org/archives/list/security-announce%40python.org/thread/PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY/

reference_url	https://access.redhat.com/errata/RHSA-2023:5456
reference_id	RHSA-2023:5456
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5456

reference_url	https://access.redhat.com/errata/RHSA-2023:5462
reference_id	RHSA-2023:5462
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5462

reference_url	https://access.redhat.com/errata/RHSA-2023:5463
reference_id	RHSA-2023:5463
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5463

reference_url	https://access.redhat.com/errata/RHSA-2023:5472
reference_id	RHSA-2023:5472
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5472

reference_url	https://access.redhat.com/errata/RHSA-2023:5528
reference_id	RHSA-2023:5528
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5528

reference_url	https://access.redhat.com/errata/RHSA-2023:5531
reference_id	RHSA-2023:5531
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5531

reference_url	https://access.redhat.com/errata/RHSA-2023:5990
reference_id	RHSA-2023:5990
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5990

reference_url	https://access.redhat.com/errata/RHSA-2023:5991
reference_id	RHSA-2023:5991
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5991

reference_url	https://access.redhat.com/errata/RHSA-2023:5992
reference_id	RHSA-2023:5992
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5992

reference_url	https://access.redhat.com/errata/RHSA-2023:5993
reference_id	RHSA-2023:5993
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5993

reference_url	https://access.redhat.com/errata/RHSA-2023:5994
reference_id	RHSA-2023:5994
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5994

reference_url	https://access.redhat.com/errata/RHSA-2023:5995
reference_id	RHSA-2023:5995
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5995

reference_url	https://access.redhat.com/errata/RHSA-2023:5996
reference_id	RHSA-2023:5996
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5996

reference_url	https://access.redhat.com/errata/RHSA-2023:5997
reference_id	RHSA-2023:5997
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5997

reference_url	https://access.redhat.com/errata/RHSA-2023:5998
reference_id	RHSA-2023:5998
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5998

reference_url	https://access.redhat.com/errata/RHSA-2023:6068
reference_id	RHSA-2023:6068
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6068

reference_url	https://access.redhat.com/errata/RHSA-2023:6069
reference_id	RHSA-2023:6069
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6069

reference_url	https://access.redhat.com/errata/RHSA-2023:6290
reference_id	RHSA-2023:6290
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6290

reference_url	https://access.redhat.com/errata/RHSA-2023:6793
reference_id	RHSA-2023:6793
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6793

reference_url	https://access.redhat.com/errata/RHSA-2023:6823
reference_id	RHSA-2023:6823
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6823

reference_url	https://access.redhat.com/errata/RHSA-2023:6885
reference_id	RHSA-2023:6885
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6885

reference_url

https://www.python.org/dev/security/

reference_id

security

reference_type

scores

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-02T16:31:39Z/

url

https://www.python.org/dev/security/

reference_url	https://usn.ubuntu.com/6513-1/
reference_id	USN-6513-1
reference_type
scores
url	https://usn.ubuntu.com/6513-1/

reference_url	https://usn.ubuntu.com/6513-2/
reference_id	USN-6513-2
reference_type
scores
url	https://usn.ubuntu.com/6513-2/

reference_url	https://usn.ubuntu.com/6891-1/
reference_id	USN-6891-1
reference_type
scores
url	https://usn.ubuntu.com/6891-1/

reference_url	https://usn.ubuntu.com/7180-1/
reference_id	USN-7180-1
reference_type
scores
url	https://usn.ubuntu.com/7180-1/

fixed_packages

url	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
purl	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1

aliases CVE-2023-40217

risk_score 3.9

exploitability 0.5

weighted_severity 7.7

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4z89-3tfk-pyge

url VCID-57c6-hx7f-efc6

vulnerability_id VCID-57c6-hx7f-efc6

summary python: CRLF injection via the host part of the url passed to urlopen()

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00041.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00041.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18348.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-18348.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-18348

reference_id

reference_type

scores

value	0.02672
scoring_system	epss
scoring_elements	0.85746
published_at	2026-04-01T12:55:00Z

value	0.02672
scoring_system	epss
scoring_elements	0.8582
published_at	2026-04-13T12:55:00Z

value	0.02672
scoring_system	epss
scoring_elements	0.85813
published_at	2026-04-09T12:55:00Z

value	0.02672
scoring_system	epss
scoring_elements	0.85827
published_at	2026-04-11T12:55:00Z

value	0.02672
scoring_system	epss
scoring_elements	0.85824
published_at	2026-04-12T12:55:00Z

value	0.02672
scoring_system	epss
scoring_elements	0.85758
published_at	2026-04-02T12:55:00Z

value	0.02672
scoring_system	epss
scoring_elements	0.85777
published_at	2026-04-04T12:55:00Z

value	0.02672
scoring_system	epss
scoring_elements	0.85783
published_at	2026-04-07T12:55:00Z

value	0.02672
scoring_system	epss
scoring_elements	0.85802
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-18348

reference_url	https://bugs.python.org/issue30458#msg347282
reference_id
reference_type
scores
url	https://bugs.python.org/issue30458#msg347282

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18348
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18348

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5NSAX4SC3V64PGZUPH7PRDLSON34Q5A/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A5NSAX4SC3V64PGZUPH7PRDLSON34Q5A/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UESGYI5XDAHJBATEZN3MHNDUBDH47AS6/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UESGYI5XDAHJBATEZN3MHNDUBDH47AS6/

reference_url	https://security.netapp.com/advisory/ntap-20191107-0004/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20191107-0004/

reference_url	https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpuoct2020.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1727276
reference_id	1727276
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1727276

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::
reference_id	cpe:2.3:a:python:python::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-18348

reference_id

CVE-2019-18348

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-18348

reference_url	https://access.redhat.com/errata/RHSA-2020:4273
reference_id	RHSA-2020:4273
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4273

reference_url	https://access.redhat.com/errata/RHSA-2020:4285
reference_id	RHSA-2020:4285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4285

reference_url	https://usn.ubuntu.com/4333-1/
reference_id	USN-4333-1
reference_type
scores
url	https://usn.ubuntu.com/4333-1/

reference_url	https://usn.ubuntu.com/4333-2/
reference_id	USN-4333-2
reference_type
scores
url	https://usn.ubuntu.com/4333-2/

reference_url	https://usn.ubuntu.com/6891-1/
reference_id	USN-6891-1
reference_type
scores
url	https://usn.ubuntu.com/6891-1/

fixed_packages

url	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
purl	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1

aliases CVE-2019-18348

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-57c6-hx7f-efc6

url VCID-7jat-6ags-qbdr

vulnerability_id VCID-7jat-6ags-qbdr

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14647.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14647.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-14647

reference_id

reference_type

scores

value	0.01634
scoring_system	epss
scoring_elements	0.81846
published_at	2026-04-01T12:55:00Z

value	0.01634
scoring_system	epss
scoring_elements	0.81857
published_at	2026-04-02T12:55:00Z

value	0.01634
scoring_system	epss
scoring_elements	0.81879
published_at	2026-04-04T12:55:00Z

value	0.01634
scoring_system	epss
scoring_elements	0.81875
published_at	2026-04-07T12:55:00Z

value	0.01634
scoring_system	epss
scoring_elements	0.81902
published_at	2026-04-08T12:55:00Z

value	0.01634
scoring_system	epss
scoring_elements	0.81908
published_at	2026-04-09T12:55:00Z

value	0.01634
scoring_system	epss
scoring_elements	0.81928
published_at	2026-04-11T12:55:00Z

value	0.01634
scoring_system	epss
scoring_elements	0.81916
published_at	2026-04-12T12:55:00Z

value	0.01634
scoring_system	epss
scoring_elements	0.81911
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-14647

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000158
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000158

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1631822
reference_id	1631822
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1631822

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921039
reference_id	921039
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921039

reference_url	https://access.redhat.com/errata/RHSA-2019:2030
reference_id	RHSA-2019:2030
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2030

reference_url	https://access.redhat.com/errata/RHSA-2019:3725
reference_id	RHSA-2019:3725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3725

reference_url	https://access.redhat.com/errata/RHSA-2020:1268
reference_id	RHSA-2020:1268
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1268

reference_url	https://access.redhat.com/errata/RHSA-2020:1346
reference_id	RHSA-2020:1346
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1346

reference_url	https://access.redhat.com/errata/RHSA-2020:1462
reference_id	RHSA-2020:1462
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1462

reference_url	https://usn.ubuntu.com/3817-1/
reference_id	USN-3817-1
reference_type
scores
url	https://usn.ubuntu.com/3817-1/

reference_url	https://usn.ubuntu.com/3817-2/
reference_id	USN-3817-2
reference_type
scores
url	https://usn.ubuntu.com/3817-2/

reference_url	https://usn.ubuntu.com/6891-1/
reference_id	USN-6891-1
reference_type
scores
url	https://usn.ubuntu.com/6891-1/

fixed_packages

url pkg:deb/debian/python2.7@2.7.13-2%2Bdeb9u3

purl pkg:deb/debian/python2.7@2.7.13-2%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-4py6-hkzp-v3d4

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-7jat-6ags-qbdr

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gfzb-b7tt-fkgz

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-hcq4-yq9k-jygb

vulnerability	VCID-j9s6-2y47-zbbt

vulnerability	VCID-k18q-3e9y-ykgf

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-wq7w-nrar-ykde

vulnerability	VCID-wxhp-wayg-qbd1

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

vulnerability	VCID-yqm8-fk44-4yhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.13-2%252Bdeb9u3

url pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1

purl pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.16-2%252Bdeb10u1

aliases CVE-2018-14647

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7jat-6ags-qbdr

url VCID-9mcr-rmtb-mufj

vulnerability_id VCID-9mcr-rmtb-mufj

summary

Multiple vulnerabilities have been found in Python, the worst of
    which could result in a Denial of Service condition.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00039.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00041.html

reference_url	http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html
reference_id
reference_type
scores
url	http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html

reference_url	https://access.redhat.com/errata/RHSA-2019:1260
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1260

reference_url	https://access.redhat.com/errata/RHSA-2019:3335
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3335

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9740.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9740.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9740

reference_id

reference_type

scores

value	0.0991
scoring_system	epss
scoring_elements	0.92982
published_at	2026-04-01T12:55:00Z

value	0.0991
scoring_system	epss
scoring_elements	0.93009
published_at	2026-04-12T12:55:00Z

value	0.0991
scoring_system	epss
scoring_elements	0.93001
published_at	2026-04-08T12:55:00Z

value	0.0991
scoring_system	epss
scoring_elements	0.93006
published_at	2026-04-09T12:55:00Z

value	0.0991
scoring_system	epss
scoring_elements	0.9301
published_at	2026-04-13T12:55:00Z

value	0.0991
scoring_system	epss
scoring_elements	0.9299
published_at	2026-04-02T12:55:00Z

value	0.0991
scoring_system	epss
scoring_elements	0.92994
published_at	2026-04-04T12:55:00Z

value	0.0991
scoring_system	epss
scoring_elements	0.92993
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9740

reference_url	https://bugs.python.org/issue36276
reference_id
reference_type
scores
url	https://bugs.python.org/issue36276

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9740
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9740

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html

reference_url	https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html

reference_url	https://lists.debian.org/debian-lts-announce/2019/06/msg00026.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/06/msg00026.html

reference_url	https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html

reference_url	https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ORNTF62QPLMJXIQ7KTZQ2776LMIXEKL/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ORNTF62QPLMJXIQ7KTZQ2776LMIXEKL/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/44TS66GJMO5H3RLMVZEBGEFTB6O2LJJU/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/44TS66GJMO5H3RLMVZEBGEFTB6O2LJJU/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/

reference_url	https://seclists.org/bugtraq/2019/Oct/29
reference_id
reference_type
scores
url	https://seclists.org/bugtraq/2019/Oct/29

reference_url	https://security.netapp.com/advisory/ntap-20190619-0005/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190619-0005/

reference_url	https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpujul2022.html

reference_url	http://www.openwall.com/lists/oss-security/2021/02/04/2
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2021/02/04/2

reference_url	http://www.securityfocus.com/bid/107466
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/107466

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1688169
reference_id	1688169
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1688169

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::
reference_id	cpe:2.3:a:python:python::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-9740

reference_id

CVE-2019-9740

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-9740

reference_url	https://security.gentoo.org/glsa/202003-26
reference_id	GLSA-202003-26
reference_type
scores
url	https://security.gentoo.org/glsa/202003-26

reference_url	https://access.redhat.com/errata/RHSA-2019:2030
reference_id	RHSA-2019:2030
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2030

reference_url	https://access.redhat.com/errata/RHSA-2019:3520
reference_id	RHSA-2019:3520
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3520

reference_url	https://access.redhat.com/errata/RHSA-2019:3725
reference_id	RHSA-2019:3725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3725

reference_url	https://access.redhat.com/errata/RHSA-2020:1268
reference_id	RHSA-2020:1268
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1268

reference_url	https://access.redhat.com/errata/RHSA-2020:1346
reference_id	RHSA-2020:1346
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1346

reference_url	https://access.redhat.com/errata/RHSA-2020:1462
reference_id	RHSA-2020:1462
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1462

reference_url	https://usn.ubuntu.com/4127-1/
reference_id	USN-4127-1
reference_type
scores
url	https://usn.ubuntu.com/4127-1/

reference_url	https://usn.ubuntu.com/4127-2/
reference_id	USN-4127-2
reference_type
scores
url	https://usn.ubuntu.com/4127-2/

reference_url	https://usn.ubuntu.com/6891-1/
reference_id	USN-6891-1
reference_type
scores
url	https://usn.ubuntu.com/6891-1/

fixed_packages

url	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
purl	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1

aliases CVE-2019-9740

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9mcr-rmtb-mufj

url VCID-c97c-3177-wkhx

vulnerability_id VCID-c97c-3177-wkhx

summary

Multiple vulnerabilities have been found in Python, the worst of
    which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5636.json

reference_id

reference_type

scores

value	4.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5636.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-5636

reference_id

reference_type

scores

value	0.38587
scoring_system	epss
scoring_elements	0.97216
published_at	2026-04-01T12:55:00Z

value	0.38587
scoring_system	epss
scoring_elements	0.97244
published_at	2026-04-13T12:55:00Z

value	0.38587
scoring_system	epss
scoring_elements	0.97242
published_at	2026-04-11T12:55:00Z

value	0.38587
scoring_system	epss
scoring_elements	0.97243
published_at	2026-04-12T12:55:00Z

value	0.38587
scoring_system	epss
scoring_elements	0.97222
published_at	2026-04-02T12:55:00Z

value	0.38587
scoring_system	epss
scoring_elements	0.97227
published_at	2026-04-04T12:55:00Z

value	0.38587
scoring_system	epss
scoring_elements	0.97228
published_at	2026-04-07T12:55:00Z

value	0.38587
scoring_system	epss
scoring_elements	0.97238
published_at	2026-04-08T12:55:00Z

value	0.38587
scoring_system	epss
scoring_elements	0.97239
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-5636

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5636
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5636

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:N/C:P/I:P/A:P

value	7.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1345856
reference_id	1345856
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1345856

reference_url	https://security.gentoo.org/glsa/201701-18
reference_id	GLSA-201701-18
reference_type
scores
url	https://security.gentoo.org/glsa/201701-18

reference_url	https://access.redhat.com/errata/RHSA-2016:2586
reference_id	RHSA-2016:2586
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:2586

reference_url	https://usn.ubuntu.com/3134-1/
reference_id	USN-3134-1
reference_type
scores
url	https://usn.ubuntu.com/3134-1/

fixed_packages

url pkg:deb/debian/python2.7@2.7.13-2%2Bdeb9u3

purl pkg:deb/debian/python2.7@2.7.13-2%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-4py6-hkzp-v3d4

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-7jat-6ags-qbdr

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gfzb-b7tt-fkgz

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-hcq4-yq9k-jygb

vulnerability	VCID-j9s6-2y47-zbbt

vulnerability	VCID-k18q-3e9y-ykgf

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-wq7w-nrar-ykde

vulnerability	VCID-wxhp-wayg-qbd1

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

vulnerability	VCID-yqm8-fk44-4yhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.13-2%252Bdeb9u3

aliases CVE-2016-5636

risk_score 2.0

exploitability 0.5

weighted_severity 4.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c97c-3177-wkhx

url VCID-dkxn-j9dr-sqbp

vulnerability_id VCID-dkxn-j9dr-sqbp

summary

Multiple vulnerabilities have been found in Python, the worst of
    which could result in the arbitrary execution of code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3177.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-3177.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-3177

reference_id

reference_type

scores

value	0.00072
scoring_system	epss
scoring_elements	0.2193
published_at	2026-04-12T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.21902
published_at	2026-04-08T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.21827
published_at	2026-04-07T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.21873
published_at	2026-04-13T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.21958
published_at	2026-04-09T12:55:00Z

value	0.00072
scoring_system	epss
scoring_elements	0.21971
published_at	2026-04-11T12:55:00Z

value	0.00074
scoring_system	epss
scoring_elements	0.22631
published_at	2026-04-04T12:55:00Z

value	0.00074
scoring_system	epss
scoring_elements	0.22421
published_at	2026-04-01T12:55:00Z

value	0.00074
scoring_system	epss
scoring_elements	0.22589
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-3177

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3177
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3177

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1918168
reference_id	1918168
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1918168

reference_url

https://github.com/python/cpython/pull/24239

reference_id

24239

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/

url

https://github.com/python/cpython/pull/24239

reference_url	https://security.archlinux.org/ASA-202102-37
reference_id	ASA-202102-37
reference_type
scores
url	https://security.archlinux.org/ASA-202102-37

reference_url

https://security.archlinux.org/AVG-1465

reference_id

AVG-1465

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1465

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRHOCQYX3QLDGDQGTWQAUUT2GGIZCZUO/

reference_id

BRHOCQYX3QLDGDQGTWQAUUT2GGIZCZUO

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRHOCQYX3QLDGDQGTWQAUUT2GGIZCZUO/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCFZMVRQUKCBQIG5F2CBVADK63NFSE4A/

reference_id

CCFZMVRQUKCBQIG5F2CBVADK63NFSE4A

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCFZMVRQUKCBQIG5F2CBVADK63NFSE4A/

reference_url

https://python-security.readthedocs.io/vuln/ctypes-buffer-overflow-pycarg_repr.html

reference_id

ctypes-buffer-overflow-pycarg_repr.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/

url

https://python-security.readthedocs.io/vuln/ctypes-buffer-overflow-pycarg_repr.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/

reference_id

FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPE7SMXYUIWPOIZV4DQYXODRXMFX3C5E/

reference_id

FPE7SMXYUIWPOIZV4DQYXODRXMFX3C5E

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPE7SMXYUIWPOIZV4DQYXODRXMFX3C5E/

reference_url

https://security.gentoo.org/glsa/202101-18

reference_id

GLSA-202101-18

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/

url

https://security.gentoo.org/glsa/202101-18

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/

reference_id

HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/

reference_url

https://bugs.python.org/issue42938

reference_id

issue42938

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/

url

https://bugs.python.org/issue42938

reference_url

https://news.ycombinator.com/item?id=26185005

reference_id

item?id=26185005

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/

url

https://news.ycombinator.com/item?id=26185005

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MGSV6BJQLRQ6RKVUXK7JGU7TP4QFGQXC/

reference_id

MGSV6BJQLRQ6RKVUXK7JGU7TP4QFGQXC

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MGSV6BJQLRQ6RKVUXK7JGU7TP4QFGQXC/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/

reference_id

MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/

reference_url

https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html

reference_id

msg00005.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/

url

https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html

reference_url

https://lists.debian.org/debian-lts-announce/2022/02/msg00013.html

reference_id

msg00013.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/

url

https://lists.debian.org/debian-lts-announce/2022/02/msg00013.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html

reference_id

msg00024.html

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/

url

https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/

reference_id

NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NQPARTLNSFQVMMQHPNBFOCOZOO3TMQNA/

reference_id

NQPARTLNSFQVMMQHPNBFOCOZOO3TMQNA

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NQPARTLNSFQVMMQHPNBFOCOZOO3TMQNA/

reference_url

https://security.netapp.com/advisory/ntap-20210226-0003/

reference_id

ntap-20210226-0003

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/

url

https://security.netapp.com/advisory/ntap-20210226-0003/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXSMBHES3ANXXS2RSO5G6Q24BR4B2PWK/

reference_id

NXSMBHES3ANXXS2RSO5G6Q24BR4B2PWK

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXSMBHES3ANXXS2RSO5G6Q24BR4B2PWK/

reference_url	https://access.redhat.com/errata/RHSA-2021:1633
reference_id	RHSA-2021:1633
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1633

reference_url	https://access.redhat.com/errata/RHSA-2021:1761
reference_id	RHSA-2021:1761
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1761

reference_url	https://access.redhat.com/errata/RHSA-2021:1879
reference_id	RHSA-2021:1879
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1879

reference_url	https://access.redhat.com/errata/RHSA-2021:3252
reference_id	RHSA-2021:3252
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3252

reference_url	https://access.redhat.com/errata/RHSA-2022:5235
reference_id	RHSA-2022:5235
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:5235

reference_url	https://usn.ubuntu.com/4754-1/
reference_id	USN-4754-1
reference_type
scores
url	https://usn.ubuntu.com/4754-1/

reference_url	https://usn.ubuntu.com/4754-3/
reference_id	USN-4754-3
reference_type
scores
url	https://usn.ubuntu.com/4754-3/

reference_url	https://usn.ubuntu.com/4754-4/
reference_id	USN-4754-4
reference_type
scores
url	https://usn.ubuntu.com/4754-4/

reference_url	https://usn.ubuntu.com/4754-5/
reference_id	USN-4754-5
reference_type
scores
url	https://usn.ubuntu.com/4754-5/

reference_url	https://usn.ubuntu.com/6891-1/
reference_id	USN-6891-1
reference_type
scores
url	https://usn.ubuntu.com/6891-1/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6XJAULOS5JVB2L67NCKKMJ5NTKZJBSD/

reference_id

V6XJAULOS5JVB2L67NCKKMJ5NTKZJBSD

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6XJAULOS5JVB2L67NCKKMJ5NTKZJBSD/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4KSYYWMGAKOA2JVCQA422OINT6CKQ7O/

reference_id

Y4KSYYWMGAKOA2JVCQA422OINT6CKQ7O

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4KSYYWMGAKOA2JVCQA422OINT6CKQ7O/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YDTZVGSXQ7HR7OCGSUHTRNTMBG43OMKU/

reference_id

YDTZVGSXQ7HR7OCGSUHTRNTMBG43OMKU

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YDTZVGSXQ7HR7OCGSUHTRNTMBG43OMKU/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7GZV74KM72O2PEJN2C4XP3V5Q5MZUOO/

reference_id

Z7GZV74KM72O2PEJN2C4XP3V5Q5MZUOO

reference_type

scores

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2025-12-18T15:03:29Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7GZV74KM72O2PEJN2C4XP3V5Q5MZUOO/

fixed_packages

url	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
purl	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1

aliases CVE-2021-3177

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dkxn-j9dr-sqbp

url VCID-dv5v-71b5-budp

vulnerability_id VCID-dv5v-71b5-budp

summary python: use after free in heappushpop() of heapq module

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48560.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48560.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-48560

reference_id

reference_type

scores

value	0.00202
scoring_system	epss
scoring_elements	0.42375
published_at	2026-04-02T12:55:00Z

value	0.00202
scoring_system	epss
scoring_elements	0.42405
published_at	2026-04-04T12:55:00Z

value	0.00202
scoring_system	epss
scoring_elements	0.42344
published_at	2026-04-07T12:55:00Z

value	0.00202
scoring_system	epss
scoring_elements	0.42393
published_at	2026-04-08T12:55:00Z

value	0.00202
scoring_system	epss
scoring_elements	0.424
published_at	2026-04-09T12:55:00Z

value	0.00202
scoring_system	epss
scoring_elements	0.42423
published_at	2026-04-11T12:55:00Z

value	0.00202
scoring_system	epss
scoring_elements	0.42387
published_at	2026-04-12T12:55:00Z

value	0.00202
scoring_system	epss
scoring_elements	0.42358
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-48560

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48560
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48560

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.2
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2249755
reference_id	2249755
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2249755

reference_url	https://access.redhat.com/errata/RHSA-2024:0114
reference_id	RHSA-2024:0114
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0114

reference_url	https://access.redhat.com/errata/RHSA-2024:0430
reference_id	RHSA-2024:0430
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0430

reference_url	https://access.redhat.com/errata/RHSA-2024:0586
reference_id	RHSA-2024:0586
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:0586

reference_url	https://access.redhat.com/errata/RHSA-2024:2987
reference_id	RHSA-2024:2987
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2024:2987

reference_url	https://usn.ubuntu.com/6394-1/
reference_id	USN-6394-1
reference_type
scores
url	https://usn.ubuntu.com/6394-1/

reference_url	https://usn.ubuntu.com/6394-2/
reference_id	USN-6394-2
reference_type
scores
url	https://usn.ubuntu.com/6394-2/

reference_url	https://usn.ubuntu.com/6891-1/
reference_id	USN-6891-1
reference_type
scores
url	https://usn.ubuntu.com/6891-1/

reference_url	https://usn.ubuntu.com/7180-1/
reference_id	USN-7180-1
reference_type
scores
url	https://usn.ubuntu.com/7180-1/

fixed_packages

url	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
purl	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1

aliases CVE-2022-48560

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dv5v-71b5-budp

url VCID-gfzb-b7tt-fkgz

vulnerability_id VCID-gfzb-b7tt-fkgz

summary

A buffer overflow in Python might allow remote attackers to cause a
    Denial of Service condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000030.json

reference_id

reference_type

scores

value	3.6
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000030.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000030

reference_id

reference_type

scores

value	0.01576
scoring_system	epss
scoring_elements	0.81483
published_at	2026-04-01T12:55:00Z

value	0.01576
scoring_system	epss
scoring_elements	0.81495
published_at	2026-04-02T12:55:00Z

value	0.01576
scoring_system	epss
scoring_elements	0.81517
published_at	2026-04-04T12:55:00Z

value	0.01576
scoring_system	epss
scoring_elements	0.81514
published_at	2026-04-07T12:55:00Z

value	0.01576
scoring_system	epss
scoring_elements	0.81542
published_at	2026-04-08T12:55:00Z

value	0.01576
scoring_system	epss
scoring_elements	0.81548
published_at	2026-04-13T12:55:00Z

value	0.01576
scoring_system	epss
scoring_elements	0.81568
published_at	2026-04-11T12:55:00Z

value	0.01576
scoring_system	epss
scoring_elements	0.81555
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000030

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000030
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000030

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1541558
reference_id	1541558
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1541558

reference_url	https://security.gentoo.org/glsa/201811-02
reference_id	GLSA-201811-02
reference_type
scores
url	https://security.gentoo.org/glsa/201811-02

reference_url	https://usn.ubuntu.com/3817-1/
reference_id	USN-3817-1
reference_type
scores
url	https://usn.ubuntu.com/3817-1/

reference_url	https://usn.ubuntu.com/3817-2/
reference_id	USN-3817-2
reference_type
scores
url	https://usn.ubuntu.com/3817-2/

fixed_packages

url pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1

purl pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.16-2%252Bdeb10u1

aliases CVE-2018-1000030

risk_score 1.8

exploitability 0.5

weighted_severity 3.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gfzb-b7tt-fkgz

url VCID-gkfp-ga1r-jkag

vulnerability_id VCID-gkfp-ga1r-jkag

summary

A vulnerability in Python could lead to a Denial of Service
    condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8492.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-8492.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-8492

reference_id

reference_type

scores

value	0.03512
scoring_system	epss
scoring_elements	0.87628
published_at	2026-04-13T12:55:00Z

value	0.03512
scoring_system	epss
scoring_elements	0.87617
published_at	2026-04-08T12:55:00Z

value	0.03512
scoring_system	epss
scoring_elements	0.87624
published_at	2026-04-09T12:55:00Z

value	0.03512
scoring_system	epss
scoring_elements	0.87635
published_at	2026-04-11T12:55:00Z

value	0.03512
scoring_system	epss
scoring_elements	0.8763
published_at	2026-04-12T12:55:00Z

value	0.03512
scoring_system	epss
scoring_elements	0.87598
published_at	2026-04-07T12:55:00Z

value	0.0363
scoring_system	epss
scoring_elements	0.87785
published_at	2026-04-02T12:55:00Z

value	0.0363
scoring_system	epss
scoring_elements	0.87796
published_at	2026-04-04T12:55:00Z

value	0.0363
scoring_system	epss
scoring_elements	0.87774
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-8492

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8492
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8492

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1809065
reference_id	1809065
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1809065

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970099
reference_id	970099
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970099

reference_url	https://security.gentoo.org/glsa/202005-09
reference_id	GLSA-202005-09
reference_type
scores
url	https://security.gentoo.org/glsa/202005-09

reference_url	https://access.redhat.com/errata/RHSA-2020:3888
reference_id	RHSA-2020:3888
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3888

reference_url	https://access.redhat.com/errata/RHSA-2020:4285
reference_id	RHSA-2020:4285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4285

reference_url	https://access.redhat.com/errata/RHSA-2020:4433
reference_id	RHSA-2020:4433
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4433

reference_url	https://access.redhat.com/errata/RHSA-2020:4641
reference_id	RHSA-2020:4641
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4641

reference_url	https://usn.ubuntu.com/4333-1/
reference_id	USN-4333-1
reference_type
scores
url	https://usn.ubuntu.com/4333-1/

reference_url	https://usn.ubuntu.com/4333-2/
reference_id	USN-4333-2
reference_type
scores
url	https://usn.ubuntu.com/4333-2/

reference_url	https://usn.ubuntu.com/4754-3/
reference_id	USN-4754-3
reference_type
scores
url	https://usn.ubuntu.com/4754-3/

reference_url	https://usn.ubuntu.com/5200-1/
reference_id	USN-5200-1
reference_type
scores
url	https://usn.ubuntu.com/5200-1/

reference_url	https://usn.ubuntu.com/6891-1/
reference_id	USN-6891-1
reference_type
scores
url	https://usn.ubuntu.com/6891-1/

fixed_packages

url	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
purl	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1

aliases CVE-2020-8492

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gkfp-ga1r-jkag

url VCID-hcq4-yq9k-jygb

vulnerability_id VCID-hcq4-yq9k-jygb

summary security update

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000802.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000802.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000802

reference_id

reference_type

scores

value	0.22336
scoring_system	epss
scoring_elements	0.95817
published_at	2026-04-13T12:55:00Z

value	0.22336
scoring_system	epss
scoring_elements	0.95808
published_at	2026-04-08T12:55:00Z

value	0.22336
scoring_system	epss
scoring_elements	0.95812
published_at	2026-04-09T12:55:00Z

value	0.22336
scoring_system	epss
scoring_elements	0.95815
published_at	2026-04-12T12:55:00Z

value	0.22336
scoring_system	epss
scoring_elements	0.95797
published_at	2026-04-04T12:55:00Z

value	0.22336
scoring_system	epss
scoring_elements	0.958
published_at	2026-04-07T12:55:00Z

value	0.23201
scoring_system	epss
scoring_elements	0.95911
published_at	2026-04-02T12:55:00Z

value	0.23201
scoring_system	epss
scoring_elements	0.95903
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1631420
reference_id	1631420
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1631420

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909673
reference_id	909673
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909673

reference_url	https://usn.ubuntu.com/3817-1/
reference_id	USN-3817-1
reference_type
scores
url	https://usn.ubuntu.com/3817-1/

reference_url	https://usn.ubuntu.com/3817-2/
reference_id	USN-3817-2
reference_type
scores
url	https://usn.ubuntu.com/3817-2/

fixed_packages

url pkg:deb/debian/python2.7@2.7.13-2%2Bdeb9u3

purl pkg:deb/debian/python2.7@2.7.13-2%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-4py6-hkzp-v3d4

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-7jat-6ags-qbdr

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gfzb-b7tt-fkgz

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-hcq4-yq9k-jygb

vulnerability	VCID-j9s6-2y47-zbbt

vulnerability	VCID-k18q-3e9y-ykgf

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-wq7w-nrar-ykde

vulnerability	VCID-wxhp-wayg-qbd1

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

vulnerability	VCID-yqm8-fk44-4yhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.13-2%252Bdeb9u3

url pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1

purl pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.16-2%252Bdeb10u1

aliases CVE-2018-1000802

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hcq4-yq9k-jygb

url VCID-hgwh-tzsf-suc1

vulnerability_id VCID-hgwh-tzsf-suc1

summary

Multiple vulnerabilities have been found in Python, the worst of
    which could lead to arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0772.json

reference_id

reference_type

scores

value	4.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0772.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-0772

reference_id

reference_type

scores

value	0.05778
scoring_system	epss
scoring_elements	0.90443
published_at	2026-04-01T12:55:00Z

value	0.05778
scoring_system	epss
scoring_elements	0.90447
published_at	2026-04-02T12:55:00Z

value	0.05778
scoring_system	epss
scoring_elements	0.90459
published_at	2026-04-04T12:55:00Z

value	0.05778
scoring_system	epss
scoring_elements	0.90464
published_at	2026-04-07T12:55:00Z

value	0.05778
scoring_system	epss
scoring_elements	0.90476
published_at	2026-04-08T12:55:00Z

value	0.05778
scoring_system	epss
scoring_elements	0.90482
published_at	2026-04-09T12:55:00Z

value	0.05778
scoring_system	epss
scoring_elements	0.9049
published_at	2026-04-12T12:55:00Z

value	0.05778
scoring_system	epss
scoring_elements	0.90483
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-0772

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0772
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0772

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1303647
reference_id	1303647
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1303647

reference_url	https://github.com/tintinweb/pub/tree/11f6ebda59ad878377df78351f8ab580660d0024/pocs/cve-2016-0772
reference_id	CVE-2016-0772
reference_type	exploit
scores
url	https://github.com/tintinweb/pub/tree/11f6ebda59ad878377df78351f8ab580660d0024/pocs/cve-2016-0772

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/43500.txt
reference_id	CVE-2016-0772
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/43500.txt

reference_url	https://security.gentoo.org/glsa/201701-18
reference_id	GLSA-201701-18
reference_type
scores
url	https://security.gentoo.org/glsa/201701-18

reference_url	https://access.redhat.com/errata/RHSA-2016:1626
reference_id	RHSA-2016:1626
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1626

reference_url	https://access.redhat.com/errata/RHSA-2016:1627
reference_id	RHSA-2016:1627
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1627

reference_url	https://access.redhat.com/errata/RHSA-2016:1628
reference_id	RHSA-2016:1628
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1628

reference_url	https://access.redhat.com/errata/RHSA-2016:1629
reference_id	RHSA-2016:1629
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1629

reference_url	https://access.redhat.com/errata/RHSA-2016:1630
reference_id	RHSA-2016:1630
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1630

reference_url	https://usn.ubuntu.com/3134-1/
reference_id	USN-3134-1
reference_type
scores
url	https://usn.ubuntu.com/3134-1/

fixed_packages

url pkg:deb/debian/python2.7@2.7.13-2%2Bdeb9u3

purl pkg:deb/debian/python2.7@2.7.13-2%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-4py6-hkzp-v3d4

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-7jat-6ags-qbdr

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gfzb-b7tt-fkgz

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-hcq4-yq9k-jygb

vulnerability	VCID-j9s6-2y47-zbbt

vulnerability	VCID-k18q-3e9y-ykgf

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-wq7w-nrar-ykde

vulnerability	VCID-wxhp-wayg-qbd1

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

vulnerability	VCID-yqm8-fk44-4yhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.13-2%252Bdeb9u3

aliases CVE-2016-0772

risk_score 8.6

exploitability 2.0

weighted_severity 4.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hgwh-tzsf-suc1

url VCID-j9s6-2y47-zbbt

vulnerability_id VCID-j9s6-2y47-zbbt

summary security update

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html

reference_url	https://access.redhat.com/errata/RHBA-2019:0327
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHBA-2019:0327

reference_url	https://access.redhat.com/errata/RHSA-2018:3505
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3505

reference_url	https://access.redhat.com/errata/RHSA-2019:1260
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1260

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1061.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1061.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1061

reference_id

reference_type

scores

value	0.01476
scoring_system	epss
scoring_elements	0.80908
published_at	2026-04-01T12:55:00Z

value	0.01476
scoring_system	epss
scoring_elements	0.80966
published_at	2026-04-13T12:55:00Z

value	0.01476
scoring_system	epss
scoring_elements	0.80964
published_at	2026-04-08T12:55:00Z

value	0.01476
scoring_system	epss
scoring_elements	0.80972
published_at	2026-04-09T12:55:00Z

value	0.01476
scoring_system	epss
scoring_elements	0.80988
published_at	2026-04-11T12:55:00Z

value	0.01476
scoring_system	epss
scoring_elements	0.80974
published_at	2026-04-12T12:55:00Z

value	0.01476
scoring_system	epss
scoring_elements	0.80917
published_at	2026-04-02T12:55:00Z

value	0.01476
scoring_system	epss
scoring_elements	0.80939
published_at	2026-04-04T12:55:00Z

value	0.01476
scoring_system	epss
scoring_elements	0.80937
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1061

reference_url	https://bugs.python.org/issue32981
reference_id
reference_type
scores
url	https://bugs.python.org/issue32981

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1061
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1061

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000158
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000158

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000802
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000802

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647

reference_url	https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-6-release-candidate-1
reference_id
reference_type
scores
url	https://docs.python.org/3.5/whatsnew/changelog.html#python-3-5-6-release-candidate-1

reference_url	https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-5-release-candidate-1
reference_id
reference_type
scores
url	https://docs.python.org/3.6/whatsnew/changelog.html#python-3-6-5-release-candidate-1

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/

reference_url	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03951en_us
reference_id
reference_type
scores
url	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03951en_us

reference_url	https://www.debian.org/security/2018/dsa-4306
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4306

reference_url	https://www.debian.org/security/2018/dsa-4307
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4307

reference_url	http://www.securitytracker.com/id/1042001
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1042001

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1549192
reference_id	1549192
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1549192

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::
reference_id	cpe:2.3:a:python:python::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:alpha1::::::
reference_id	cpe:2.3:a:python:python:3.7.0:alpha1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:alpha1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:alpha2::::::
reference_id	cpe:2.3:a:python:python:3.7.0:alpha2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:alpha2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:alpha3::::::
reference_id	cpe:2.3:a:python:python:3.7.0:alpha3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:alpha3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:alpha4::::::
reference_id	cpe:2.3:a:python:python:3.7.0:alpha4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:alpha4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta1::::::
reference_id	cpe:2.3:a:python:python:3.7.0:beta1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta2::::::
reference_id	cpe:2.3:a:python:python:3.7.0:beta2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta3::::::
reference_id	cpe:2.3:a:python:python:3.7.0:beta3::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta3::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta4::::::
reference_id	cpe:2.3:a:python:python:3.7.0:beta4::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta4::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta5::::::
reference_id	cpe:2.3:a:python:python:3.7.0:beta5::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:beta5::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:rc1::::::
reference_id	cpe:2.3:a:python:python:3.7.0:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.7.0:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:3.3:::::::*
reference_id	cpe:2.3:a:redhat:ansible_tower:3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:ansible_tower:3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-1061

reference_id

CVE-2018-1061

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-1061

reference_url	https://access.redhat.com/errata/RHSA-2018:3041
reference_id	RHSA-2018:3041
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2018:3041

reference_url	https://access.redhat.com/errata/RHSA-2019:3725
reference_id	RHSA-2019:3725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3725

reference_url	https://access.redhat.com/errata/RHSA-2020:1268
reference_id	RHSA-2020:1268
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1268

reference_url	https://access.redhat.com/errata/RHSA-2020:1346
reference_id	RHSA-2020:1346
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1346

reference_url	https://usn.ubuntu.com/3817-1/
reference_id	USN-3817-1
reference_type
scores
url	https://usn.ubuntu.com/3817-1/

reference_url	https://usn.ubuntu.com/3817-2/
reference_id	USN-3817-2
reference_type
scores
url	https://usn.ubuntu.com/3817-2/

reference_url	https://usn.ubuntu.com/6891-1/
reference_id	USN-6891-1
reference_type
scores
url	https://usn.ubuntu.com/6891-1/

fixed_packages

url pkg:deb/debian/python2.7@2.7.13-2%2Bdeb9u3

purl pkg:deb/debian/python2.7@2.7.13-2%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-4py6-hkzp-v3d4

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-7jat-6ags-qbdr

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gfzb-b7tt-fkgz

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-hcq4-yq9k-jygb

vulnerability	VCID-j9s6-2y47-zbbt

vulnerability	VCID-k18q-3e9y-ykgf

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-wq7w-nrar-ykde

vulnerability	VCID-wxhp-wayg-qbd1

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

vulnerability	VCID-yqm8-fk44-4yhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.13-2%252Bdeb9u3

url pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1

purl pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.16-2%252Bdeb10u1

aliases CVE-2018-1061

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j9s6-2y47-zbbt

url VCID-k18q-3e9y-ykgf

vulnerability_id VCID-k18q-3e9y-ykgf

summary

Multiple vulnerabilities have been found in Python, the worst of
    which could result in a Denial of Service condition.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00092.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00092.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00050.html

reference_url	http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html
reference_id
reference_type
scores
url	http://packetstormsecurity.com/files/154927/Slackware-Security-Advisory-python-Updates.html

reference_url	https://access.redhat.com/errata/RHSA-2019:3335
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3335

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9948.json

reference_id

reference_type

scores

value	7.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9948.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9948

reference_id

reference_type

scores

value	0.0096
scoring_system	epss
scoring_elements	0.76418
published_at	2026-04-01T12:55:00Z

value	0.0096
scoring_system	epss
scoring_elements	0.76481
published_at	2026-04-12T12:55:00Z

value	0.0096
scoring_system	epss
scoring_elements	0.76464
published_at	2026-04-08T12:55:00Z

value	0.0096
scoring_system	epss
scoring_elements	0.76477
published_at	2026-04-13T12:55:00Z

value	0.0096
scoring_system	epss
scoring_elements	0.76503
published_at	2026-04-11T12:55:00Z

value	0.0096
scoring_system	epss
scoring_elements	0.76421
published_at	2026-04-02T12:55:00Z

value	0.0096
scoring_system	epss
scoring_elements	0.7645
published_at	2026-04-04T12:55:00Z

value	0.0096
scoring_system	epss
scoring_elements	0.76431
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9948

reference_url	https://bugs.python.org/issue35907
reference_id
reference_type
scores
url	https://bugs.python.org/issue35907

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9948
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9948

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/python/cpython/pull/11842
reference_id
reference_type
scores
url	https://github.com/python/cpython/pull/11842

reference_url	https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E

reference_url	https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html

reference_url	https://lists.debian.org/debian-lts-announce/2019/07/msg00011.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/07/msg00011.html

reference_url	https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html

reference_url	https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQEQLXLOCR3SNM3AA5RRYJFQ5AZBYJ4L/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQEQLXLOCR3SNM3AA5RRYJFQ5AZBYJ4L/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KRYFIMISZ47NTAU3XWZUOFB7CYL62KES/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KRYFIMISZ47NTAU3XWZUOFB7CYL62KES/

reference_url	https://seclists.org/bugtraq/2019/Oct/29
reference_id
reference_type
scores
url	https://seclists.org/bugtraq/2019/Oct/29

reference_url	https://security.netapp.com/advisory/ntap-20190404-0004/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190404-0004/

reference_url	http://www.securityfocus.com/bid/107549
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/107549

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1695570
reference_id	1695570
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1695570

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::
reference_id	cpe:2.3:a:python:python::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:8.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:8.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_tus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_tus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_tus:8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:8.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:8.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-9948

reference_id

CVE-2019-9948

reference_type

scores

value	6.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:N

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-9948

reference_url	https://security.gentoo.org/glsa/202003-26
reference_id	GLSA-202003-26
reference_type
scores
url	https://security.gentoo.org/glsa/202003-26

reference_url	https://access.redhat.com/errata/RHSA-2019:1700
reference_id	RHSA-2019:1700
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1700

reference_url	https://access.redhat.com/errata/RHSA-2019:2030
reference_id	RHSA-2019:2030
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2030

reference_url	https://access.redhat.com/errata/RHSA-2019:3520
reference_id	RHSA-2019:3520
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3520

reference_url	https://access.redhat.com/errata/RHSA-2019:3725
reference_id	RHSA-2019:3725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3725

reference_url	https://access.redhat.com/errata/RHSA-2020:1268
reference_id	RHSA-2020:1268
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1268

reference_url	https://access.redhat.com/errata/RHSA-2020:1346
reference_id	RHSA-2020:1346
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1346

reference_url	https://access.redhat.com/errata/RHSA-2020:1462
reference_id	RHSA-2020:1462
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1462

reference_url	https://usn.ubuntu.com/4127-1/
reference_id	USN-4127-1
reference_type
scores
url	https://usn.ubuntu.com/4127-1/

reference_url	https://usn.ubuntu.com/4127-2/
reference_id	USN-4127-2
reference_type
scores
url	https://usn.ubuntu.com/4127-2/

reference_url	https://usn.ubuntu.com/6891-1/
reference_id	USN-6891-1
reference_type
scores
url	https://usn.ubuntu.com/6891-1/

fixed_packages

url pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1

purl pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.16-2%252Bdeb10u1

aliases CVE-2019-9948

risk_score 4.1

exploitability 0.5

weighted_severity 8.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k18q-3e9y-ykgf

url VCID-ppqx-qup8-sqbz

vulnerability_id VCID-ppqx-qup8-sqbz

summary python: email.utils.parseaddr wrongly parses email addresses

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00012.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00012.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00021.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00021.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16056.json

reference_id

reference_type

scores

value	7.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16056.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-16056

reference_id

reference_type

scores

value	0.00899
scoring_system	epss
scoring_elements	0.75591
published_at	2026-04-01T12:55:00Z

value	0.00899
scoring_system	epss
scoring_elements	0.75624
published_at	2026-04-04T12:55:00Z

value	0.00899
scoring_system	epss
scoring_elements	0.75594
published_at	2026-04-02T12:55:00Z

value	0.00899
scoring_system	epss
scoring_elements	0.75604
published_at	2026-04-07T12:55:00Z

value	0.00899
scoring_system	epss
scoring_elements	0.75638
published_at	2026-04-08T12:55:00Z

value	0.00899
scoring_system	epss
scoring_elements	0.75649
published_at	2026-04-09T12:55:00Z

value	0.00899
scoring_system	epss
scoring_elements	0.75674
published_at	2026-04-11T12:55:00Z

value	0.01217
scoring_system	epss
scoring_elements	0.79032
published_at	2026-04-13T12:55:00Z

value	0.01217
scoring_system	epss
scoring_elements	0.79042
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-16056

reference_url	https://bugs.python.org/issue34155
reference_id
reference_type
scores
url	https://bugs.python.org/issue34155

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16056
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16056

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/python/cpython/commit/8cb65d1381b027f0b09ee36bfed7f35bb4dec9a9
reference_id
reference_type
scores
url	https://github.com/python/cpython/commit/8cb65d1381b027f0b09ee36bfed7f35bb4dec9a9

reference_url	https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E

reference_url	https://lists.debian.org/debian-lts-announce/2019/09/msg00018.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/09/msg00018.html

reference_url	https://lists.debian.org/debian-lts-announce/2019/09/msg00019.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/09/msg00019.html

reference_url	https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html

reference_url	https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEARDOTXCYPYELKBD2KWZ27GSPXDI3GQ/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEARDOTXCYPYELKBD2KWZ27GSPXDI3GQ/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/COATURTCY7G67AYI6UDV5B2JZTBCKIDX/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/COATURTCY7G67AYI6UDV5B2JZTBCKIDX/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E2HP37NUVLQSBW3J735A2DQDOZ4ZGBLY/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E2HP37NUVLQSBW3J735A2DQDOZ4ZGBLY/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ER6LONC2B2WYIO56GBQUDU6QTWZDPUNQ/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ER6LONC2B2WYIO56GBQUDU6QTWZDPUNQ/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4KZEFP6E4YPYB52AF4WXCUDSGQOTF37/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K4KZEFP6E4YPYB52AF4WXCUDSGQOTF37/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K7HNVIFMETMFWWWUNTB72KYJYXCZOS5V/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K7HNVIFMETMFWWWUNTB72KYJYXCZOS5V/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NF3DRDGMVIRYNZMSLJIHNW47HOUQYXVG/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NF3DRDGMVIRYNZMSLJIHNW47HOUQYXVG/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OYGESQSGIHDCIGOBVF7VXCMIE6YDWRYB/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OYGESQSGIHDCIGOBVF7VXCMIE6YDWRYB/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QASRD4E2G65GGEHYKVHYCXB2XWAGTNL4/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QASRD4E2G65GGEHYKVHYCXB2XWAGTNL4/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QP46PQSUKYPGWTADQ67NOV3BUN6JM34Z/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QP46PQSUKYPGWTADQ67NOV3BUN6JM34Z/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SDQQ56P7ZZR64XV5DUVWNSNXKKEXUG2J/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SDQQ56P7ZZR64XV5DUVWNSNXKKEXUG2J/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBTGPBUABGXZ7WH7677OEM3NSP6ZEA76/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBTGPBUABGXZ7WH7677OEM3NSP6ZEA76/

reference_url	https://security.netapp.com/advisory/ntap-20190926-0005/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190926-0005/

reference_url	https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpuapr2020.html

reference_url	https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpujul2020.html

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1749839
reference_id	1749839
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1749839

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940901
reference_id	940901
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=940901

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor::::::::
reference_id	cpe:2.3:a:oracle:communications_operations_monitor::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:3.4:::::::*
reference_id	cpe:2.3:a:oracle:communications_operations_monitor:3.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_operations_monitor:3.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:::::::*
reference_id	cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:::::::*
reference_id	cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:::::::*
reference_id	cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::
reference_id	cpe:2.3:a:python:python::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:::::::*
reference_id	cpe:2.3:a:redhat:software_collections:1.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:software_collections:1.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11:::::::*
reference_id	cpe:2.3:o:oracle:solaris:11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-16056

reference_id

CVE-2019-16056

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-16056

reference_url	https://access.redhat.com/errata/RHSA-2019:3725
reference_id	RHSA-2019:3725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3725

reference_url	https://access.redhat.com/errata/RHSA-2019:3948
reference_id	RHSA-2019:3948
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3948

reference_url	https://access.redhat.com/errata/RHSA-2020:1131
reference_id	RHSA-2020:1131
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1131

reference_url	https://access.redhat.com/errata/RHSA-2020:1132
reference_id	RHSA-2020:1132
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1132

reference_url	https://access.redhat.com/errata/RHSA-2020:1605
reference_id	RHSA-2020:1605
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1605

reference_url	https://access.redhat.com/errata/RHSA-2020:1764
reference_id	RHSA-2020:1764
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1764

reference_url	https://access.redhat.com/errata/RHSA-2020:2520
reference_id	RHSA-2020:2520
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:2520

reference_url	https://usn.ubuntu.com/4151-1/
reference_id	USN-4151-1
reference_type
scores
url	https://usn.ubuntu.com/4151-1/

reference_url	https://usn.ubuntu.com/4151-2/
reference_id	USN-4151-2
reference_type
scores
url	https://usn.ubuntu.com/4151-2/

reference_url	https://usn.ubuntu.com/6891-1/
reference_id	USN-6891-1
reference_type
scores
url	https://usn.ubuntu.com/6891-1/

fixed_packages

url	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
purl	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1

aliases CVE-2019-16056

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ppqx-qup8-sqbz

url VCID-tyk4-kazt-kydj

vulnerability_id VCID-tyk4-kazt-kydj

summary

Multiple vulnerabilities have been found in Python, the worst of
    which could result in a Denial of Service condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20907.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20907.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-20907

reference_id

reference_type

scores

value	0.00323
scoring_system	epss
scoring_elements	0.55257
published_at	2026-04-01T12:55:00Z

value	0.00323
scoring_system	epss
scoring_elements	0.55355
published_at	2026-04-02T12:55:00Z

value	0.00323
scoring_system	epss
scoring_elements	0.5538
published_at	2026-04-04T12:55:00Z

value	0.00323
scoring_system	epss
scoring_elements	0.55358
published_at	2026-04-07T12:55:00Z

value	0.00323
scoring_system	epss
scoring_elements	0.55408
published_at	2026-04-09T12:55:00Z

value	0.00323
scoring_system	epss
scoring_elements	0.55419
published_at	2026-04-11T12:55:00Z

value	0.00323
scoring_system	epss
scoring_elements	0.55397
published_at	2026-04-12T12:55:00Z

value	0.00323
scoring_system	epss
scoring_elements	0.55379
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-20907

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20907
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20907

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1856481
reference_id	1856481
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1856481

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970099
reference_id	970099
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970099

reference_url	https://security.gentoo.org/glsa/202008-01
reference_id	GLSA-202008-01
reference_type
scores
url	https://security.gentoo.org/glsa/202008-01

reference_url	https://access.redhat.com/errata/RHSA-2020:4273
reference_id	RHSA-2020:4273
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4273

reference_url	https://access.redhat.com/errata/RHSA-2020:4285
reference_id	RHSA-2020:4285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4285

reference_url	https://access.redhat.com/errata/RHSA-2020:4299
reference_id	RHSA-2020:4299
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4299

reference_url	https://access.redhat.com/errata/RHSA-2020:4433
reference_id	RHSA-2020:4433
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4433

reference_url	https://access.redhat.com/errata/RHSA-2020:4641
reference_id	RHSA-2020:4641
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4641

reference_url	https://access.redhat.com/errata/RHSA-2020:4654
reference_id	RHSA-2020:4654
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4654

reference_url	https://access.redhat.com/errata/RHSA-2020:5009
reference_id	RHSA-2020:5009
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5009

reference_url	https://access.redhat.com/errata/RHSA-2020:5010
reference_id	RHSA-2020:5010
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:5010

reference_url	https://access.redhat.com/errata/RHSA-2021:0528
reference_id	RHSA-2021:0528
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0528

reference_url	https://access.redhat.com/errata/RHSA-2021:0761
reference_id	RHSA-2021:0761
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0761

reference_url	https://access.redhat.com/errata/RHSA-2021:0881
reference_id	RHSA-2021:0881
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0881

reference_url	https://access.redhat.com/errata/RHSA-2021:0949
reference_id	RHSA-2021:0949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0949

reference_url	https://usn.ubuntu.com/4428-1/
reference_id	USN-4428-1
reference_type
scores
url	https://usn.ubuntu.com/4428-1/

reference_url	https://usn.ubuntu.com/4754-3/
reference_id	USN-4754-3
reference_type
scores
url	https://usn.ubuntu.com/4754-3/

reference_url	https://usn.ubuntu.com/6891-1/
reference_id	USN-6891-1
reference_type
scores
url	https://usn.ubuntu.com/6891-1/

fixed_packages

url	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
purl	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1

aliases CVE-2019-20907

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tyk4-kazt-kydj

url VCID-ugfy-dufq-hfb2

vulnerability_id VCID-ugfy-dufq-hfb2

summary CGIHandler: sets environmental variable based on user supplied Proxy request header

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000110.json

reference_id

reference_type

scores

value	5.0
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000110.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2016-1000110

reference_id

reference_type

scores

value	0.05904
scoring_system	epss
scoring_elements	0.90601
published_at	2026-04-13T12:55:00Z

value	0.05904
scoring_system	epss
scoring_elements	0.90591
published_at	2026-04-08T12:55:00Z

value	0.05904
scoring_system	epss
scoring_elements	0.90598
published_at	2026-04-09T12:55:00Z

value	0.05904
scoring_system	epss
scoring_elements	0.90607
published_at	2026-04-12T12:55:00Z

value	0.05904
scoring_system	epss
scoring_elements	0.90572
published_at	2026-04-04T12:55:00Z

value	0.05904
scoring_system	epss
scoring_elements	0.9058
published_at	2026-04-07T12:55:00Z

value	0.09899
scoring_system	epss
scoring_elements	0.92986
published_at	2026-04-02T12:55:00Z

value	0.09899
scoring_system	epss
scoring_elements	0.92978
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2016-1000110

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000110
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000110

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1357334
reference_id	1357334
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1357334

reference_url	https://access.redhat.com/errata/RHSA-2016:1626
reference_id	RHSA-2016:1626
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1626

reference_url	https://access.redhat.com/errata/RHSA-2016:1627
reference_id	RHSA-2016:1627
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1627

reference_url	https://access.redhat.com/errata/RHSA-2016:1628
reference_id	RHSA-2016:1628
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1628

reference_url	https://access.redhat.com/errata/RHSA-2016:1629
reference_id	RHSA-2016:1629
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1629

reference_url	https://access.redhat.com/errata/RHSA-2016:1630
reference_id	RHSA-2016:1630
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1630

reference_url	https://usn.ubuntu.com/3134-1/
reference_id	USN-3134-1
reference_type
scores
url	https://usn.ubuntu.com/3134-1/

fixed_packages

url pkg:deb/debian/python2.7@2.7.13-2%2Bdeb9u3

purl pkg:deb/debian/python2.7@2.7.13-2%2Bdeb9u3

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-4py6-hkzp-v3d4

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-7jat-6ags-qbdr

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gfzb-b7tt-fkgz

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-hcq4-yq9k-jygb

vulnerability	VCID-j9s6-2y47-zbbt

vulnerability	VCID-k18q-3e9y-ykgf

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-wq7w-nrar-ykde

vulnerability	VCID-wxhp-wayg-qbd1

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

vulnerability	VCID-yqm8-fk44-4yhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.13-2%252Bdeb9u3

aliases CVE-2016-1000110

risk_score 2.2

exploitability 0.5

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ugfy-dufq-hfb2

url VCID-v84j-ugn9-w3c8

vulnerability_id VCID-v84j-ugn9-w3c8

summary python: XSS vulnerability in the documentation XML-RPC server in server_title field

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00012.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00012.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00021.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-11/msg00021.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16935.json

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-16935.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-16935

reference_id

reference_type

scores

value	0.02256
scoring_system	epss
scoring_elements	0.84528
published_at	2026-04-01T12:55:00Z

value	0.02256
scoring_system	epss
scoring_elements	0.84605
published_at	2026-04-13T12:55:00Z

value	0.02256
scoring_system	epss
scoring_elements	0.84595
published_at	2026-04-09T12:55:00Z

value	0.02256
scoring_system	epss
scoring_elements	0.84614
published_at	2026-04-11T12:55:00Z

value	0.02256
scoring_system	epss
scoring_elements	0.84609
published_at	2026-04-12T12:55:00Z

value	0.02256
scoring_system	epss
scoring_elements	0.84542
published_at	2026-04-02T12:55:00Z

value	0.02256
scoring_system	epss
scoring_elements	0.84564
published_at	2026-04-04T12:55:00Z

value	0.02256
scoring_system	epss
scoring_elements	0.84567
published_at	2026-04-07T12:55:00Z

value	0.02256
scoring_system	epss
scoring_elements	0.84589
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-16935

reference_url	https://bugs.python.org/issue38243
reference_id
reference_type
scores
url	https://bugs.python.org/issue38243

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16935
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16935

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/python/cpython/blob/35c0809158be7feae4c4f877a08b93baea2d8291/Lib/xmlrpc/server.py#L897
reference_id
reference_type
scores
url	https://github.com/python/cpython/blob/35c0809158be7feae4c4f877a08b93baea2d8291/Lib/xmlrpc/server.py#L897

reference_url	https://github.com/python/cpython/blob/e007860b8b3609ce0bc62b1780efaa06241520bd/Lib/DocXMLRPCServer.py#L213
reference_id
reference_type
scores
url	https://github.com/python/cpython/blob/e007860b8b3609ce0bc62b1780efaa06241520bd/Lib/DocXMLRPCServer.py#L213

reference_url	https://github.com/python/cpython/pull/16373
reference_id
reference_type
scores
url	https://github.com/python/cpython/pull/16373

reference_url	https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html

reference_url	https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2021/04/msg00015.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEARDOTXCYPYELKBD2KWZ27GSPXDI3GQ/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEARDOTXCYPYELKBD2KWZ27GSPXDI3GQ/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/COATURTCY7G67AYI6UDV5B2JZTBCKIDX/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/COATURTCY7G67AYI6UDV5B2JZTBCKIDX/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K7HNVIFMETMFWWWUNTB72KYJYXCZOS5V/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K7HNVIFMETMFWWWUNTB72KYJYXCZOS5V/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OYGESQSGIHDCIGOBVF7VXCMIE6YDWRYB/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OYGESQSGIHDCIGOBVF7VXCMIE6YDWRYB/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBTGPBUABGXZ7WH7677OEM3NSP6ZEA76/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBTGPBUABGXZ7WH7677OEM3NSP6ZEA76/

reference_url	https://security.netapp.com/advisory/ntap-20191017-0004/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20191017-0004/

reference_url	https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpujul2020.html

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027149
reference_id	1027149
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027149

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1763229
reference_id	1763229
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1763229

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::
reference_id	cpe:2.3:a:python:python::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-16935

reference_id

CVE-2019-16935

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-16935

reference_url	https://access.redhat.com/errata/RHSA-2020:1605
reference_id	RHSA-2020:1605
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1605

reference_url	https://access.redhat.com/errata/RHSA-2020:3888
reference_id	RHSA-2020:3888
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3888

reference_url	https://access.redhat.com/errata/RHSA-2020:3911
reference_id	RHSA-2020:3911
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3911

reference_url	https://access.redhat.com/errata/RHSA-2020:4285
reference_id	RHSA-2020:4285
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4285

reference_url	https://access.redhat.com/errata/RHSA-2020:4433
reference_id	RHSA-2020:4433
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:4433

reference_url	https://access.redhat.com/errata/RHSA-2021:0949
reference_id	RHSA-2021:0949
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:0949

reference_url	https://usn.ubuntu.com/4151-1/
reference_id	USN-4151-1
reference_type
scores
url	https://usn.ubuntu.com/4151-1/

reference_url	https://usn.ubuntu.com/4151-2/
reference_id	USN-4151-2
reference_type
scores
url	https://usn.ubuntu.com/4151-2/

reference_url	https://usn.ubuntu.com/6891-1/
reference_id	USN-6891-1
reference_type
scores
url	https://usn.ubuntu.com/6891-1/

fixed_packages

url	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
purl	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1

aliases CVE-2019-16935

risk_score 2.8

exploitability 0.5

weighted_severity 5.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v84j-ugn9-w3c8

url VCID-vpwj-d49q-1uh8

vulnerability_id VCID-vpwj-d49q-1uh8

summary Multiple vulnerabilities have been found in Python and PyPy, the worst of which could result in arbitrary code execution.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0391.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-0391.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-0391

reference_id

reference_type

scores

value	0.01317
scoring_system	epss
scoring_elements	0.79807
published_at	2026-04-01T12:55:00Z

value	0.01317
scoring_system	epss
scoring_elements	0.79865
published_at	2026-04-12T12:55:00Z

value	0.01317
scoring_system	epss
scoring_elements	0.79815
published_at	2026-04-02T12:55:00Z

value	0.01317
scoring_system	epss
scoring_elements	0.79857
published_at	2026-04-13T12:55:00Z

value	0.01317
scoring_system	epss
scoring_elements	0.79835
published_at	2026-04-04T12:55:00Z

value	0.01317
scoring_system	epss
scoring_elements	0.79823
published_at	2026-04-07T12:55:00Z

value	0.01317
scoring_system	epss
scoring_elements	0.79852
published_at	2026-04-08T12:55:00Z

value	0.01317
scoring_system	epss
scoring_elements	0.7986
published_at	2026-04-09T12:55:00Z

value	0.01317
scoring_system	epss
scoring_elements	0.79882
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-0391

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0391
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0391

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2047376
reference_id	2047376
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2047376

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/

reference_id

CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CSD2YBXP3ZF44E44QMIIAR5VTO35KTRB/

reference_url

https://bugs.python.org/issue43882

reference_id

issue43882

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/

url

https://bugs.python.org/issue43882

reference_url

https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html

reference_id

msg00022.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/

url

https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html

reference_url

https://security.netapp.com/advisory/ntap-20220225-0009/

reference_id

ntap-20220225-0009

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/

url

https://security.netapp.com/advisory/ntap-20220225-0009/

reference_url	https://access.redhat.com/errata/RHSA-2022:1663
reference_id	RHSA-2022:1663
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1663

reference_url	https://access.redhat.com/errata/RHSA-2022:1764
reference_id	RHSA-2022:1764
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1764

reference_url	https://access.redhat.com/errata/RHSA-2022:1821
reference_id	RHSA-2022:1821
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1821

reference_url	https://access.redhat.com/errata/RHSA-2022:6457
reference_id	RHSA-2022:6457
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6457

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/

reference_id

UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-17T20:58:36Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDBDBAU6HUPZHISBOARTXZ5GKHF2VH5U/

reference_url	https://usn.ubuntu.com/5342-1/
reference_id	USN-5342-1
reference_type
scores
url	https://usn.ubuntu.com/5342-1/

reference_url	https://usn.ubuntu.com/6891-1/
reference_id	USN-6891-1
reference_type
scores
url	https://usn.ubuntu.com/6891-1/

reference_url	https://usn.ubuntu.com/USN-5342-2/
reference_id	USN-USN-5342-2
reference_type
scores
url	https://usn.ubuntu.com/USN-5342-2/

fixed_packages

url	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
purl	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1

aliases CVE-2022-0391

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vpwj-d49q-1uh8

url VCID-w6k8-js68-87g4

vulnerability_id VCID-w6k8-js68-87g4

summary

Multiple vulnerabilities have been found in Python, the worst of
    which might allow attackers to access sensitive information.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23336.json

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-23336.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-23336

reference_id

reference_type

scores

value	0.003
scoring_system	epss
scoring_elements	0.53342
published_at	2026-04-13T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53358
published_at	2026-04-12T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53323
published_at	2026-04-09T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53374
published_at	2026-04-11T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53329
published_at	2026-04-08T12:55:00Z

value	0.003
scoring_system	epss
scoring_elements	0.53276
published_at	2026-04-07T12:55:00Z

value	0.00311
scoring_system	epss
scoring_elements	0.54301
published_at	2026-04-04T12:55:00Z

value	0.00311
scoring_system	epss
scoring_elements	0.54251
published_at	2026-04-01T12:55:00Z

value	0.00311
scoring_system	epss
scoring_elements	0.54271
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-23336

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23336

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1928904
reference_id	1928904
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1928904

reference_url

https://github.com/python/cpython/pull/24297

reference_id

24297

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/

url

https://github.com/python/cpython/pull/24297

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/

reference_id

3EPYWWFDV22CJ5AOH5VCE72DOASZZ255

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3EPYWWFDV22CJ5AOH5VCE72DOASZZ255/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/

reference_id

3YKKDLXL3UEZ3J426C2XTBS63AHE46SM

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3YKKDLXL3UEZ3J426C2XTBS63AHE46SM/

reference_url

http://www.openwall.com/lists/oss-security/2021/02/19/4

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/

url

http://www.openwall.com/lists/oss-security/2021/02/19/4

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/

reference_id

46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46N6A52EGSXHJYCZWVMBJJIH4NWIV2B5/

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983090
reference_id	983090
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=983090

reference_url	https://security.archlinux.org/ASA-202102-28
reference_id	ASA-202102-28
reference_type
scores
url	https://security.archlinux.org/ASA-202102-28

reference_url	https://security.archlinux.org/ASA-202102-37
reference_id	ASA-202102-37
reference_type
scores
url	https://security.archlinux.org/ASA-202102-37

reference_url

https://security.archlinux.org/AVG-1465

reference_id

AVG-1465

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1465

reference_url

https://security.archlinux.org/AVG-1593

reference_id

AVG-1593

reference_type

scores

value	Medium
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-1593

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2021-23336
reference_id	CVE-2021-23336
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2021-23336

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/

reference_id

FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA/

reference_url

https://security.gentoo.org/glsa/202104-04

reference_id

GLSA-202104-04

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/

url

https://security.gentoo.org/glsa/202104-04

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/

reference_id

HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/

reference_id

HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HZTM7KLHFCE3LWSEVO2NAFLUHMGYMCRY/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/

reference_id

IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IHQDU7NXA7EWAE4W7VO6MURVJIULEPPR/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/

reference_id

KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJXCMHLY7H3FIYLE4OKDYUILU2CCRUCZ/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/

reference_id

LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LVNH6Z24IG3E67ZCQGGJ46FZB4XFLQNZ/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/

reference_id

MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MNUN5SOMFL2BBKP6ZAICIIUPQKZDMGYO/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/

reference_id

MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62/

reference_url

https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html

reference_id

msg00005.html

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/

url

https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html

reference_url

https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html

reference_id

msg00022.html

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/

url

https://lists.debian.org/debian-lts-announce/2023/09/msg00022.html

reference_url

https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html

reference_id

msg00030.html

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/

url

https://lists.debian.org/debian-lts-announce/2021/02/msg00030.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/

reference_id

N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N6VXJZSZ6N64AILJX4CTMACYGQGHHD5C/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/

reference_id

NJSCSN722JO2E2AGPWD4NTGVELVRPB4R

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NJSCSN722JO2E2AGPWD4NTGVELVRPB4R/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/

reference_id

NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2/

reference_url

https://security.netapp.com/advisory/ntap-20210326-0004/

reference_id

ntap-20210326-0004

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/

url

https://security.netapp.com/advisory/ntap-20210326-0004/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/

reference_id

OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OAGSWNGZJ6HQ5ISA67SNMK3CJRKICET7/

reference_url

https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432%40%3Cannounce.apache.org%3E

reference_id

rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432%40%3Cannounce.apache.org%3E

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/

url

https://lists.apache.org/thread.html/rc005f4de9d9b0ba943ceb8ff5a21a5c6ff8a9df52632476698d99432%40%3Cannounce.apache.org%3E

reference_url	https://access.redhat.com/errata/RHSA-2021:1633
reference_id	RHSA-2021:1633
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:1633

reference_url	https://access.redhat.com/errata/RHSA-2021:3252
reference_id	RHSA-2021:3252
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3252

reference_url	https://access.redhat.com/errata/RHSA-2021:4151
reference_id	RHSA-2021:4151
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4151

reference_url	https://access.redhat.com/errata/RHSA-2021:4162
reference_id	RHSA-2021:4162
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4162

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/

reference_id

RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RSLQD5CCM75IZGAMBDGUZEATYU5YSGJ7/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/

reference_id

SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SGIY6I4YS3WOXAK4SXKIEOC2G4VZKIR7/

reference_url

https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933

reference_id

SNYK-UPSTREAM-PYTHONCPYTHON-1074933

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/

url

https://snyk.io/vuln/SNYK-UPSTREAM-PYTHONCPYTHON-1074933

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/

reference_id

TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TFTELUMWZE3KV3JB2H5EE6VFRZFRD5MV/

reference_url	https://usn.ubuntu.com/4742-1/
reference_id	USN-4742-1
reference_type
scores
url	https://usn.ubuntu.com/4742-1/

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/

reference_id

W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H/E:P/RL:U/RC:C

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-17T21:16:05Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W2LSKBEFI5SYEY5FM6ICZVZM5WRQUCS4/

fixed_packages

url	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
purl	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1

aliases CVE-2021-23336

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w6k8-js68-87g4

url VCID-wq7w-nrar-ykde

vulnerability_id VCID-wq7w-nrar-ykde

summary

A buffer overflow in Python might allow remote attackers to execute
    arbitrary code.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000158.json

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000158.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000158

reference_id

reference_type

scores

value	0.0359
scoring_system	epss
scoring_elements	0.87757
published_at	2026-04-13T12:55:00Z

value	0.0359
scoring_system	epss
scoring_elements	0.87726
published_at	2026-04-07T12:55:00Z

value	0.0359
scoring_system	epss
scoring_elements	0.87747
published_at	2026-04-08T12:55:00Z

value	0.0359
scoring_system	epss
scoring_elements	0.87753
published_at	2026-04-09T12:55:00Z

value	0.0359
scoring_system	epss
scoring_elements	0.87764
published_at	2026-04-11T12:55:00Z

value	0.0359
scoring_system	epss
scoring_elements	0.87758
published_at	2026-04-12T12:55:00Z

value	0.03719
scoring_system	epss
scoring_elements	0.87923
published_at	2026-04-01T12:55:00Z

value	0.03719
scoring_system	epss
scoring_elements	0.87933
published_at	2026-04-02T12:55:00Z

value	0.03719
scoring_system	epss
scoring_elements	0.87946
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000158

reference_url	https://bugs.python.org/issue30657
reference_id
reference_type
scores
url	https://bugs.python.org/issue30657

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000158
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000158

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1060

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1061

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14647

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2017/11/msg00035.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/11/msg00035.html

reference_url	https://lists.debian.org/debian-lts-announce/2017/11/msg00036.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2017/11/msg00036.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/09/msg00030.html

reference_url	https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2018/09/msg00031.html

reference_url	https://security.netapp.com/advisory/ntap-20230216-0001/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20230216-0001/

reference_url	https://www.debian.org/security/2018/dsa-4307
reference_id
reference_type
scores
url	https://www.debian.org/security/2018/dsa-4307

reference_url	http://www.securitytracker.com/id/1039890
reference_id
reference_type
scores
url	http://www.securitytracker.com/id/1039890

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1519595
reference_id	1519595
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1519595

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::
reference_id	cpe:2.3:a:python:python::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2017-1000158

reference_id

CVE-2017-1000158

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2017-1000158

reference_url	https://security.gentoo.org/glsa/201805-02
reference_id	GLSA-201805-02
reference_type
scores
url	https://security.gentoo.org/glsa/201805-02

reference_url	https://usn.ubuntu.com/3496-1/
reference_id	USN-3496-1
reference_type
scores
url	https://usn.ubuntu.com/3496-1/

reference_url	https://usn.ubuntu.com/3496-2/
reference_id	USN-3496-2
reference_type
scores
url	https://usn.ubuntu.com/3496-2/

reference_url	https://usn.ubuntu.com/3496-3/
reference_id	USN-3496-3
reference_type
scores
url	https://usn.ubuntu.com/3496-3/

fixed_packages

url pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1

purl pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.16-2%252Bdeb10u1

aliases CVE-2017-1000158

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wq7w-nrar-ykde

url VCID-wxhp-wayg-qbd1

vulnerability_id VCID-wxhp-wayg-qbd1

summary

Multiple vulnerabilities have been found in Python, the worst of
    which could result in a Denial of Service condition.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00092.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00092.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00097.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00097.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00024.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00024.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00050.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00050.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00042.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00042.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html

reference_url	https://access.redhat.com/errata/RHBA-2019:0763
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHBA-2019:0763

reference_url	https://access.redhat.com/errata/RHBA-2019:0764
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHBA-2019:0764

reference_url	https://access.redhat.com/errata/RHBA-2019:0959
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHBA-2019:0959

reference_url	https://access.redhat.com/errata/RHSA-2019:0981
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0981

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9636.json

reference_id

reference_type

scores

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9636.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9636

reference_id

reference_type

scores

value	0.08786
scoring_system	epss
scoring_elements	0.9248
published_at	2026-04-01T12:55:00Z

value	0.08786
scoring_system	epss
scoring_elements	0.92495
published_at	2026-04-04T12:55:00Z

value	0.08786
scoring_system	epss
scoring_elements	0.92486
published_at	2026-04-02T12:55:00Z

value	0.08786
scoring_system	epss
scoring_elements	0.92499
published_at	2026-04-07T12:55:00Z

value	0.08786
scoring_system	epss
scoring_elements	0.9251
published_at	2026-04-08T12:55:00Z

value	0.08786
scoring_system	epss
scoring_elements	0.92515
published_at	2026-04-09T12:55:00Z

value	0.08786
scoring_system	epss
scoring_elements	0.92521
published_at	2026-04-11T12:55:00Z

value	0.11474
scoring_system	epss
scoring_elements	0.93606
published_at	2026-04-12T12:55:00Z

value	0.11474
scoring_system	epss
scoring_elements	0.93607
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9636

reference_url	https://bugs.python.org/issue36216
reference_id
reference_type
scores
url	https://bugs.python.org/issue36216

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9636
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9636

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://github.com/python/cpython/pull/12201
reference_id
reference_type
scores
url	https://github.com/python/cpython/pull/12201

reference_url	https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html

reference_url	https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html

reference_url	https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html

reference_url	https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ORNTF62QPLMJXIQ7KTZQ2776LMIXEKL/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2ORNTF62QPLMJXIQ7KTZQ2776LMIXEKL/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/44TS66GJMO5H3RLMVZEBGEFTB6O2LJJU/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/44TS66GJMO5H3RLMVZEBGEFTB6O2LJJU/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/46PVWY5LFP4BRPG3BVQ5QEEFYBVEXHCK/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4X3HW5JRZ7GCPSR7UHJOLD7AWLTQCDVR/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AEZ5IQT7OF7Q2NCGIVABOWYGKO7YU3NJ/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFBAAGM27H73OLYBUA2IAZFSUN6KGLME/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFBAAGM27H73OLYBUA2IAZFSUN6KGLME/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D3LXPABKVLFYUHRYJPM3CSS5MS6FXKS7/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D3LXPABKVLFYUHRYJPM3CSS5MS6FXKS7/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E2HP37NUVLQSBW3J735A2DQDOZ4ZGBLY/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E2HP37NUVLQSBW3J735A2DQDOZ4ZGBLY/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ER6LONC2B2WYIO56GBQUDU6QTWZDPUNQ/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ER6LONC2B2WYIO56GBQUDU6QTWZDPUNQ/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQEQLXLOCR3SNM3AA5RRYJFQ5AZBYJ4L/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HQEQLXLOCR3SNM3AA5RRYJFQ5AZBYJ4L/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICBEGRHIPHWPG2VGYS6R4EVKVUUF4AQW/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ICBEGRHIPHWPG2VGYS6R4EVKVUUF4AQW/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFAXBEY2TGOBDRKTR556JBXBVFSAKD6I/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFAXBEY2TGOBDRKTR556JBXBVFSAKD6I/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JCPGLTTOBB3QEARDX4JOYURP6ELNNA2V/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JSKPGPZQNTAULHW4UH63KGOOUIDE4RRB/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KRYFIMISZ47NTAU3XWZUOFB7CYL62KES/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KRYFIMISZ47NTAU3XWZUOFB7CYL62KES/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L25RTMKCF62DLC2XVSNXGX7C7HXISLVM/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L25RTMKCF62DLC2XVSNXGX7C7HXISLVM/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/M34WOYCDKTDE5KLUACE2YIEH7D37KHRX/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TR6GCO3WTV4D5L23WTCBF275VE6BVNI3/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TR6GCO3WTV4D5L23WTCBF275VE6BVNI3/

reference_url	https://python-security.readthedocs.io/vuln/urlsplit-nfkc-normalization.html
reference_id
reference_type
scores
url	https://python-security.readthedocs.io/vuln/urlsplit-nfkc-normalization.html

reference_url	https://security.netapp.com/advisory/ntap-20190517-0001/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190517-0001/

reference_url	https://www.oracle.com/security-alerts/cpujan2020.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpujan2020.html

reference_url	https://www.oracle.com/security-alerts/cpujul2022.html
reference_id
reference_type
scores
url	https://www.oracle.com/security-alerts/cpujul2022.html

reference_url	http://www.securityfocus.com/bid/107400
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/107400

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1688543
reference_id	1688543
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1688543

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924073
reference_id	924073
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924073

reference_url	https://security.archlinux.org/ASA-201906-17
reference_id	ASA-201906-17
reference_type
scores
url	https://security.archlinux.org/ASA-201906-17

reference_url

https://security.archlinux.org/AVG-977

reference_id

AVG-977

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-977

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:sun_zfs_storage_appliance_kit:8.8.6:::::::*
reference_id	cpe:2.3:a:oracle:sun_zfs_storage_appliance_kit:8.8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:sun_zfs_storage_appliance_kit:8.8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::
reference_id	cpe:2.3:a:python:python::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
reference_id	cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization:4.0:::::::*
reference_id	cpe:2.3:a:redhat:virtualization:4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:virtualization:4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_id	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_id	cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:30:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_id	cpe:2.3:o:fedoraproject:fedora:31:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:31:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_id	cpe:2.3:o:opensuse:leap:42.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:5.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_eus:5.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_eus:5.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-9636

reference_id

CVE-2019-9636

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:N

value	9.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-9636

reference_url	https://security.gentoo.org/glsa/202003-26
reference_id	GLSA-202003-26
reference_type
scores
url	https://security.gentoo.org/glsa/202003-26

reference_url	https://access.redhat.com/errata/RHSA-2019:0710
reference_id	RHSA-2019:0710
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0710

reference_url	https://access.redhat.com/errata/RHSA-2019:0765
reference_id	RHSA-2019:0765
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0765

reference_url	https://access.redhat.com/errata/RHSA-2019:0806
reference_id	RHSA-2019:0806
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0806

reference_url	https://access.redhat.com/errata/RHSA-2019:0902
reference_id	RHSA-2019:0902
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0902

reference_url	https://access.redhat.com/errata/RHSA-2019:0997
reference_id	RHSA-2019:0997
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:0997

reference_url	https://access.redhat.com/errata/RHSA-2019:1467
reference_id	RHSA-2019:1467
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1467

reference_url	https://access.redhat.com/errata/RHSA-2019:2980
reference_id	RHSA-2019:2980
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2980

reference_url	https://access.redhat.com/errata/RHSA-2019:3170
reference_id	RHSA-2019:3170
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3170

reference_url	https://usn.ubuntu.com/4127-1/
reference_id	USN-4127-1
reference_type
scores
url	https://usn.ubuntu.com/4127-1/

reference_url	https://usn.ubuntu.com/4127-2/
reference_id	USN-4127-2
reference_type
scores
url	https://usn.ubuntu.com/4127-2/

reference_url	https://usn.ubuntu.com/6891-1/
reference_id	USN-6891-1
reference_type
scores
url	https://usn.ubuntu.com/6891-1/

fixed_packages

url pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1

purl pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.16-2%252Bdeb10u1

aliases CVE-2019-9636

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wxhp-wayg-qbd1

url VCID-x7h3-nmjt-aud5

vulnerability_id VCID-x7h3-nmjt-aud5

summary

Multiple vulnerabilities have been found in Python, the worst of
    which could result in a Denial of Service condition.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00062.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00063.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html

reference_url	https://access.redhat.com/errata/RHSA-2019:1260
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:1260

reference_url	https://access.redhat.com/errata/RHSA-2019:3335
reference_id
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3335

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9947.json

reference_id

reference_type

scores

value	6.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9947.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-9947

reference_id

reference_type

scores

value	0.01161
scoring_system	epss
scoring_elements	0.78546
published_at	2026-04-01T12:55:00Z

value	0.01161
scoring_system	epss
scoring_elements	0.78596
published_at	2026-04-13T12:55:00Z

value	0.01161
scoring_system	epss
scoring_elements	0.78598
published_at	2026-04-09T12:55:00Z

value	0.01161
scoring_system	epss
scoring_elements	0.78623
published_at	2026-04-11T12:55:00Z

value	0.01161
scoring_system	epss
scoring_elements	0.78605
published_at	2026-04-12T12:55:00Z

value	0.01161
scoring_system	epss
scoring_elements	0.78553
published_at	2026-04-02T12:55:00Z

value	0.01161
scoring_system	epss
scoring_elements	0.78584
published_at	2026-04-04T12:55:00Z

value	0.01161
scoring_system	epss
scoring_elements	0.78566
published_at	2026-04-07T12:55:00Z

value	0.01161
scoring_system	epss
scoring_elements	0.78592
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-9947

reference_url	https://bugs.python.org/issue35906
reference_id
reference_type
scores
url	https://bugs.python.org/issue35906

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9947
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9947

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/06/msg00022.html

reference_url	https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/06/msg00023.html

reference_url	https://lists.debian.org/debian-lts-announce/2019/06/msg00026.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2019/06/msg00026.html

reference_url	https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html

reference_url	https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JMWSKTNOHSUOT3L25QFJAVCFYZX46FYK/

reference_url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/
reference_id
reference_type
scores
url	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JXASHCDD4PQFKTMKQN4YOP5ZH366ABN4/

reference_url	https://security.netapp.com/advisory/ntap-20190404-0004/
reference_id
reference_type
scores
url	https://security.netapp.com/advisory/ntap-20190404-0004/

reference_url	http://www.openwall.com/lists/oss-security/2021/02/04/2
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2021/02/04/2

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1695572
reference_id	1695572
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1695572

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::
reference_id	cpe:2.3:a:python:python::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-9947

reference_id

CVE-2019-9947

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-9947

reference_url	https://security.gentoo.org/glsa/202003-26
reference_id	GLSA-202003-26
reference_type
scores
url	https://security.gentoo.org/glsa/202003-26

reference_url	https://access.redhat.com/errata/RHSA-2019:2030
reference_id	RHSA-2019:2030
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2030

reference_url	https://access.redhat.com/errata/RHSA-2019:3520
reference_id	RHSA-2019:3520
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3520

reference_url	https://access.redhat.com/errata/RHSA-2019:3725
reference_id	RHSA-2019:3725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3725

reference_url	https://access.redhat.com/errata/RHSA-2020:1268
reference_id	RHSA-2020:1268
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1268

reference_url	https://access.redhat.com/errata/RHSA-2020:1346
reference_id	RHSA-2020:1346
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1346

reference_url	https://access.redhat.com/errata/RHSA-2020:1462
reference_id	RHSA-2020:1462
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1462

reference_url	https://usn.ubuntu.com/4127-1/
reference_id	USN-4127-1
reference_type
scores
url	https://usn.ubuntu.com/4127-1/

reference_url	https://usn.ubuntu.com/4127-2/
reference_id	USN-4127-2
reference_type
scores
url	https://usn.ubuntu.com/4127-2/

reference_url	https://usn.ubuntu.com/6891-1/
reference_id	USN-6891-1
reference_type
scores
url	https://usn.ubuntu.com/6891-1/

fixed_packages

url	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
purl	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1

aliases CVE-2019-9947

risk_score 3.0

exploitability 0.5

weighted_severity 5.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x7h3-nmjt-aud5

url VCID-xv9p-nyha-xygv

vulnerability_id VCID-xv9p-nyha-xygv

summary

Multiple vulnerabilities have been found in Python, the worst of
    which could result in a Denial of Service condition.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20852.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20852.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-20852

reference_id

reference_type

scores

value	0.01989
scoring_system	epss
scoring_elements	0.83546
published_at	2026-04-01T12:55:00Z

value	0.01989
scoring_system	epss
scoring_elements	0.83558
published_at	2026-04-02T12:55:00Z

value	0.01989
scoring_system	epss
scoring_elements	0.83573
published_at	2026-04-04T12:55:00Z

value	0.01989
scoring_system	epss
scoring_elements	0.83574
published_at	2026-04-07T12:55:00Z

value	0.01989
scoring_system	epss
scoring_elements	0.83598
published_at	2026-04-08T12:55:00Z

value	0.01989
scoring_system	epss
scoring_elements	0.83606
published_at	2026-04-09T12:55:00Z

value	0.01989
scoring_system	epss
scoring_elements	0.83622
published_at	2026-04-11T12:55:00Z

value	0.01989
scoring_system	epss
scoring_elements	0.83616
published_at	2026-04-12T12:55:00Z

value	0.01989
scoring_system	epss
scoring_elements	0.83611
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-20852

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20852
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20852

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1740347
reference_id	1740347
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1740347

reference_url	https://security.gentoo.org/glsa/202003-26
reference_id	GLSA-202003-26
reference_type
scores
url	https://security.gentoo.org/glsa/202003-26

reference_url	https://access.redhat.com/errata/RHSA-2019:3725
reference_id	RHSA-2019:3725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3725

reference_url	https://access.redhat.com/errata/RHSA-2019:3948
reference_id	RHSA-2019:3948
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3948

reference_url	https://access.redhat.com/errata/RHSA-2020:1131
reference_id	RHSA-2020:1131
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1131

reference_url	https://access.redhat.com/errata/RHSA-2020:1132
reference_id	RHSA-2020:1132
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1132

reference_url	https://access.redhat.com/errata/RHSA-2020:1605
reference_id	RHSA-2020:1605
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1605

reference_url	https://access.redhat.com/errata/RHSA-2020:1764
reference_id	RHSA-2020:1764
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:1764

reference_url	https://usn.ubuntu.com/4127-1/
reference_id	USN-4127-1
reference_type
scores
url	https://usn.ubuntu.com/4127-1/

reference_url	https://usn.ubuntu.com/4127-2/
reference_id	USN-4127-2
reference_type
scores
url	https://usn.ubuntu.com/4127-2/

reference_url	https://usn.ubuntu.com/6891-1/
reference_id	USN-6891-1
reference_type
scores
url	https://usn.ubuntu.com/6891-1/

fixed_packages

url	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
purl	pkg:deb/debian/python2.7@2.7.18-8%2Bdeb11u1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.18-8%252Bdeb11u1

aliases CVE-2018-20852

risk_score 2.4

exploitability 0.5

weighted_severity 4.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xv9p-nyha-xygv

url VCID-yqm8-fk44-4yhk

vulnerability_id VCID-yqm8-fk44-4yhk

summary

Multiple vulnerabilities have been found in Python, the worst of
    which could result in a Denial of Service condition.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5010.json

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-5010.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-5010

reference_id

reference_type

scores

value	0.05355
scoring_system	epss
scoring_elements	0.90078
published_at	2026-04-13T12:55:00Z

value	0.05355
scoring_system	epss
scoring_elements	0.90056
published_at	2026-04-07T12:55:00Z

value	0.05355
scoring_system	epss
scoring_elements	0.90071
published_at	2026-04-08T12:55:00Z

value	0.05355
scoring_system	epss
scoring_elements	0.90077
published_at	2026-04-09T12:55:00Z

value	0.05355
scoring_system	epss
scoring_elements	0.90086
published_at	2026-04-11T12:55:00Z

value	0.05355
scoring_system	epss
scoring_elements	0.90084
published_at	2026-04-12T12:55:00Z

value	0.0601
scoring_system	epss
scoring_elements	0.90659
published_at	2026-04-01T12:55:00Z

value	0.0601
scoring_system	epss
scoring_elements	0.90675
published_at	2026-04-04T12:55:00Z

value	0.0601
scoring_system	epss
scoring_elements	0.90664
published_at	2026-04-02T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-5010

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5010
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5010

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E
reference_id
reference_type
scores
url	https://lists.apache.org/thread.html/r1b103833cb5bc8466e24ff0ecc5e75b45a705334ab6a444e64e840a0%40%3Cissues.bookkeeper.apache.org%3E

reference_url	https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/07/msg00011.html

reference_url	https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html
reference_id
reference_type
scores
url	https://lists.debian.org/debian-lts-announce/2020/08/msg00034.html

reference_url	https://talosintelligence.com/vulnerability_reports/TALOS-2019-0758
reference_id
reference_type
scores
url	https://talosintelligence.com/vulnerability_reports/TALOS-2019-0758

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1666519
reference_id	1666519
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1666519

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921040
reference_id	921040
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921040

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::
reference_id	cpe:2.3:a:python:python::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_id	cpe:2.3:o:debian:debian_linux:9.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_id	cpe:2.3:o:opensuse:leap:15.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::*
reference_id	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-5010

reference_id

CVE-2019-5010

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-5010

reference_url	https://security.gentoo.org/glsa/202003-26
reference_id	GLSA-202003-26
reference_type
scores
url	https://security.gentoo.org/glsa/202003-26

reference_url	https://access.redhat.com/errata/RHSA-2019:2030
reference_id	RHSA-2019:2030
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:2030

reference_url	https://access.redhat.com/errata/RHSA-2019:3520
reference_id	RHSA-2019:3520
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3520

reference_url	https://access.redhat.com/errata/RHSA-2019:3725
reference_id	RHSA-2019:3725
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2019:3725

reference_url	https://usn.ubuntu.com/4127-1/
reference_id	USN-4127-1
reference_type
scores
url	https://usn.ubuntu.com/4127-1/

reference_url	https://usn.ubuntu.com/4127-2/
reference_id	USN-4127-2
reference_type
scores
url	https://usn.ubuntu.com/4127-2/

reference_url	https://usn.ubuntu.com/6891-1/
reference_id	USN-6891-1
reference_type
scores
url	https://usn.ubuntu.com/6891-1/

fixed_packages

url pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1

purl pkg:deb/debian/python2.7@2.7.16-2%2Bdeb10u1

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.16-2%252Bdeb10u1

aliases CVE-2019-5010

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yqm8-fk44-4yhk

Fixing_vulnerabilities

url VCID-1mw1-384y-huc7

vulnerability_id VCID-1mw1-384y-huc7

summary

Uncontrolled Resource Consumption
Algorithmic complexity vulnerability in the `ssl.match_hostname` function and unspecified versions of python-backports-ssl_match_hostname as used for older Python versions, allows remote attackers to cause a denial of service (CPU consumption) via multiple wildcard characters in the common name in a certificate.

references

reference_url	http://bugs.python.org/issue17980
reference_id
reference_type
scores
url	http://bugs.python.org/issue17980

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2099.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2099.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-2099

reference_id

reference_type

scores

value	0.05238
scoring_system	epss
scoring_elements	0.89926
published_at	2026-04-01T12:55:00Z

value	0.05238
scoring_system	epss
scoring_elements	0.89929
published_at	2026-04-02T12:55:00Z

value	0.05238
scoring_system	epss
scoring_elements	0.89942
published_at	2026-04-04T12:55:00Z

value	0.05238
scoring_system	epss
scoring_elements	0.89948
published_at	2026-04-07T12:55:00Z

value	0.05238
scoring_system	epss
scoring_elements	0.89964
published_at	2026-04-08T12:55:00Z

value	0.05238
scoring_system	epss
scoring_elements	0.8997
published_at	2026-04-09T12:55:00Z

value	0.05238
scoring_system	epss
scoring_elements	0.89978
published_at	2026-04-11T12:55:00Z

value	0.05238
scoring_system	epss
scoring_elements	0.89976
published_at	2026-04-12T12:55:00Z

value	0.05238
scoring_system	epss
scoring_elements	0.89969
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-2099

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2099
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2099

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2099
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2099

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709066
reference_id	709066
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709066

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709067
reference_id	709067
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709067

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709068
reference_id	709068
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709068

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709069
reference_id	709069
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709069

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709070
reference_id	709070
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709070

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=963260
reference_id	963260
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=963260

reference_url	https://security.gentoo.org/glsa/201401-04
reference_id	GLSA-201401-04
reference_type
scores
url	https://security.gentoo.org/glsa/201401-04

reference_url	https://access.redhat.com/errata/RHSA-2014:1263
reference_id	RHSA-2014:1263
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1263

reference_url	https://access.redhat.com/errata/RHSA-2014:1690
reference_id	RHSA-2014:1690
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2014:1690

reference_url	https://access.redhat.com/errata/RHSA-2015:0042
reference_id	RHSA-2015:0042
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:0042

reference_url	https://access.redhat.com/errata/RHSA-2016:1166
reference_id	RHSA-2016:1166
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1166

reference_url	https://usn.ubuntu.com/1983-1/
reference_id	USN-1983-1
reference_type
scores
url	https://usn.ubuntu.com/1983-1/

reference_url	https://usn.ubuntu.com/1984-1/
reference_id	USN-1984-1
reference_type
scores
url	https://usn.ubuntu.com/1984-1/

reference_url	https://usn.ubuntu.com/1985-1/
reference_id	USN-1985-1
reference_type
scores
url	https://usn.ubuntu.com/1985-1/

fixed_packages

url pkg:deb/debian/python2.7@2.7.9-2

purl pkg:deb/debian/python2.7@2.7.9-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-3mu8-g6x3-effb

vulnerability	VCID-4py6-hkzp-v3d4

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-7jat-6ags-qbdr

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-c97c-3177-wkhx

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gfzb-b7tt-fkgz

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-hcq4-yq9k-jygb

vulnerability	VCID-hgwh-tzsf-suc1

vulnerability	VCID-j9s6-2y47-zbbt

vulnerability	VCID-k18q-3e9y-ykgf

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-ugfy-dufq-hfb2

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-wq7w-nrar-ykde

vulnerability	VCID-wxhp-wayg-qbd1

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

vulnerability	VCID-yqm8-fk44-4yhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.9-2

aliases CVE-2013-2099

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1mw1-384y-huc7

url VCID-8aq9-8cf5-qbet

vulnerability_id VCID-8aq9-8cf5-qbet

summary

Multiple vulnerabilities have been found in Python, the worst of
    which could lead to arbitrary code execution.

references

reference_url	http://bugs.python.org/issue22417
reference_id
reference_type
scores
url	http://bugs.python.org/issue22417

reference_url	http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9365.json

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9365.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-9365

reference_id

reference_type

scores

value	0.02127
scoring_system	epss
scoring_elements	0.84093
published_at	2026-04-01T12:55:00Z

value	0.02127
scoring_system	epss
scoring_elements	0.84106
published_at	2026-04-02T12:55:00Z

value	0.02127
scoring_system	epss
scoring_elements	0.84123
published_at	2026-04-04T12:55:00Z

value	0.02127
scoring_system	epss
scoring_elements	0.84125
published_at	2026-04-07T12:55:00Z

value	0.02127
scoring_system	epss
scoring_elements	0.84148
published_at	2026-04-08T12:55:00Z

value	0.02127
scoring_system	epss
scoring_elements	0.84154
published_at	2026-04-09T12:55:00Z

value	0.02127
scoring_system	epss
scoring_elements	0.84171
published_at	2026-04-11T12:55:00Z

value	0.02127
scoring_system	epss
scoring_elements	0.84166
published_at	2026-04-12T12:55:00Z

value	0.02127
scoring_system	epss
scoring_elements	0.84161
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-9365

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9365
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9365

reference_url	https://security.gentoo.org/glsa/201503-10
reference_id
reference_type
scores
url	https://security.gentoo.org/glsa/201503-10

reference_url	https://support.apple.com/kb/HT205031
reference_id
reference_type
scores
url	https://support.apple.com/kb/HT205031

reference_url	https://www.python.org/dev/peps/pep-0476/
reference_id
reference_type
scores
url	https://www.python.org/dev/peps/pep-0476/

reference_url	https://www.python.org/downloads/release/python-279/
reference_id
reference_type
scores
url	https://www.python.org/downloads/release/python-279/

reference_url	http://www.openwall.com/lists/oss-security/2014/12/11/1
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2014/12/11/1

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

reference_url	http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

reference_url	http://www.securityfocus.com/bid/71639
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/71639

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1173041
reference_id	1173041
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1173041

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.0:::::::*
reference_id	cpe:2.3:a:python:python:2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.0.1:::::::*
reference_id	cpe:2.3:a:python:python:2.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1:::::::*
reference_id	cpe:2.3:a:python:python:2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.1:::::::*
reference_id	cpe:2.3:a:python:python:2.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.2:::::::*
reference_id	cpe:2.3:a:python:python:2.1.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.3:::::::*
reference_id	cpe:2.3:a:python:python:2.1.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.1.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2:::::::*
reference_id	cpe:2.3:a:python:python:2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.1:::::::*
reference_id	cpe:2.3:a:python:python:2.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.2:::::::*
reference_id	cpe:2.3:a:python:python:2.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.3:::::::*
reference_id	cpe:2.3:a:python:python:2.2.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.2.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.1:::::::*
reference_id	cpe:2.3:a:python:python:2.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.2:::::::*
reference_id	cpe:2.3:a:python:python:2.3.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.3:::::::*
reference_id	cpe:2.3:a:python:python:2.3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.4:::::::*
reference_id	cpe:2.3:a:python:python:2.3.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.5:::::::*
reference_id	cpe:2.3:a:python:python:2.3.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.7:::::::*
reference_id	cpe:2.3:a:python:python:2.3.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.3.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.1:::::::*
reference_id	cpe:2.3:a:python:python:2.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.2:::::::*
reference_id	cpe:2.3:a:python:python:2.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.3:::::::*
reference_id	cpe:2.3:a:python:python:2.4.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.4:::::::*
reference_id	cpe:2.3:a:python:python:2.4.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.6:::::::*
reference_id	cpe:2.3:a:python:python:2.4.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.4.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.1:::::::*
reference_id	cpe:2.3:a:python:python:2.5.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.150:::::::*
reference_id	cpe:2.3:a:python:python:2.5.150:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.150:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.2:::::::*
reference_id	cpe:2.3:a:python:python:2.5.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.3:::::::*
reference_id	cpe:2.3:a:python:python:2.5.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.4:::::::*
reference_id	cpe:2.3:a:python:python:2.5.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.6:::::::*
reference_id	cpe:2.3:a:python:python:2.5.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.5.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.1:::::::*
reference_id	cpe:2.3:a:python:python:2.6.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.2:::::::*
reference_id	cpe:2.3:a:python:python:2.6.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.2150:::::::*
reference_id	cpe:2.3:a:python:python:2.6.2150:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.2150:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.3:::::::*
reference_id	cpe:2.3:a:python:python:2.6.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.4:::::::*
reference_id	cpe:2.3:a:python:python:2.6.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.5:::::::*
reference_id	cpe:2.3:a:python:python:2.6.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.6:::::::*
reference_id	cpe:2.3:a:python:python:2.6.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.6150:::::::*
reference_id	cpe:2.3:a:python:python:2.6.6150:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.6150:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.7:::::::*
reference_id	cpe:2.3:a:python:python:2.6.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.8:::::::*
reference_id	cpe:2.3:a:python:python:2.6.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.6.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:::::::*
reference_id	cpe:2.3:a:python:python:2.7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:::::::*
reference_id	cpe:2.3:a:python:python:2.7.1150:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150::::::x64:
reference_id	cpe:2.3:a:python:python:2.7.1150::::::x64:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150::::::x64:

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:rc1::::::
reference_id	cpe:2.3:a:python:python:2.7.1:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2150:::::::*
reference_id	cpe:2.3:a:python:python:2.7.2150:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2150:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2:rc1::::::
reference_id	cpe:2.3:a:python:python:2.7.2:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.3:::::::*
reference_id	cpe:2.3:a:python:python:2.7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.4:::::::*
reference_id	cpe:2.3:a:python:python:2.7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.5:::::::*
reference_id	cpe:2.3:a:python:python:2.7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.6:::::::*
reference_id	cpe:2.3:a:python:python:2.7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.7:::::::*
reference_id	cpe:2.3:a:python:python:2.7.7:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.7:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.8:::::::*
reference_id	cpe:2.3:a:python:python:2.7.8:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.8:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0:::::::*
reference_id	cpe:2.3:a:python:python:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0.1:::::::*
reference_id	cpe:2.3:a:python:python:3.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1:::::::*
reference_id	cpe:2.3:a:python:python:3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.1:::::::*
reference_id	cpe:2.3:a:python:python:3.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2:::::::*
reference_id	cpe:2.3:a:python:python:3.1.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2150::::::x64:
reference_id	cpe:2.3:a:python:python:3.1.2150::::::x64:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2150::::::x64:

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.3:::::::*
reference_id	cpe:2.3:a:python:python:3.1.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.4:::::::*
reference_id	cpe:2.3:a:python:python:3.1.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.5:::::::*
reference_id	cpe:2.3:a:python:python:3.1.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:::::::*
reference_id	cpe:2.3:a:python:python:3.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.0:::::::*
reference_id	cpe:2.3:a:python:python:3.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.1:::::::*
reference_id	cpe:2.3:a:python:python:3.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2:::::::*
reference_id	cpe:2.3:a:python:python:3.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2150:::::::*
reference_id	cpe:2.3:a:python:python:3.2.2150:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2150:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.3:::::::*
reference_id	cpe:2.3:a:python:python:3.2.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.4:::::::*
reference_id	cpe:2.3:a:python:python:3.2.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.5:::::::*
reference_id	cpe:2.3:a:python:python:3.2.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.6:::::::*
reference_id	cpe:2.3:a:python:python:3.2.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:alpha::::::
reference_id	cpe:2.3:a:python:python:3.2:alpha::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:alpha::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3:::::::*
reference_id	cpe:2.3:a:python:python:3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.0:::::::*
reference_id	cpe:2.3:a:python:python:3.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.1:::::::*
reference_id	cpe:2.3:a:python:python:3.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.1:rc1::::::
reference_id	cpe:2.3:a:python:python:3.3.1:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.1:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.2:::::::*
reference_id	cpe:2.3:a:python:python:3.3.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.3:::::::*
reference_id	cpe:2.3:a:python:python:3.3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.3:rc1::::::
reference_id	cpe:2.3:a:python:python:3.3.3:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.3:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.3:rc2::::::
reference_id	cpe:2.3:a:python:python:3.3.3:rc2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.3:rc2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.4:::::::*
reference_id	cpe:2.3:a:python:python:3.3.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.4:rc1::::::
reference_id	cpe:2.3:a:python:python:3.3.4:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.4:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.5:-::::::
reference_id	cpe:2.3:a:python:python:3.3.5:-::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.5:-::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.5:rc1::::::
reference_id	cpe:2.3:a:python:python:3.3.5:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.5:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.5:rc2::::::
reference_id	cpe:2.3:a:python:python:3.3.5:rc2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.5:rc2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.6:rc1::::::
reference_id	cpe:2.3:a:python:python:3.3.6:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.6:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3:beta2::::::
reference_id	cpe:2.3:a:python:python:3.3:beta2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3:beta2::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.0:::::::*
reference_id	cpe:2.3:a:python:python:3.4.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.1:::::::*
reference_id	cpe:2.3:a:python:python:3.4.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.2:::::::*
reference_id	cpe:2.3:a:python:python:3.4.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4.2:::::::*

100

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4:alpha1::::::
reference_id	cpe:2.3:a:python:python:3.4:alpha1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.4:alpha1::::::

101

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::
reference_id	cpe:2.3:o:apple:mac_os_x::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::

102

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-9365

reference_id

CVE-2014-9365

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2014-9365

103

reference_url	https://access.redhat.com/errata/RHSA-2017:1162
reference_id	RHSA-2017:1162
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1162

104

reference_url	https://access.redhat.com/errata/RHSA-2017:1868
reference_id	RHSA-2017:1868
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2017:1868

fixed_packages

url pkg:deb/debian/python2.7@2.7.9-2

purl pkg:deb/debian/python2.7@2.7.9-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-3mu8-g6x3-effb

vulnerability	VCID-4py6-hkzp-v3d4

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-7jat-6ags-qbdr

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-c97c-3177-wkhx

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gfzb-b7tt-fkgz

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-hcq4-yq9k-jygb

vulnerability	VCID-hgwh-tzsf-suc1

vulnerability	VCID-j9s6-2y47-zbbt

vulnerability	VCID-k18q-3e9y-ykgf

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-ugfy-dufq-hfb2

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-wq7w-nrar-ykde

vulnerability	VCID-wxhp-wayg-qbd1

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

vulnerability	VCID-yqm8-fk44-4yhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.9-2

aliases CVE-2014-9365

risk_score 2.6

exploitability 0.5

weighted_severity 5.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8aq9-8cf5-qbet

url VCID-8jfv-cqa8-7yb6

vulnerability_id VCID-8jfv-cqa8-7yb6

summary python: CGIHTTPServer module does not properly handle URL-encoded path separators in URLs

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4650.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4650.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-4650

reference_id

reference_type

scores

value	0.06019
scoring_system	epss
scoring_elements	0.90685
published_at	2026-04-04T12:55:00Z

value	0.06019
scoring_system	epss
scoring_elements	0.9067
published_at	2026-04-01T12:55:00Z

value	0.06019
scoring_system	epss
scoring_elements	0.90675
published_at	2026-04-02T12:55:00Z

value	0.07232
scoring_system	epss
scoring_elements	0.91619
published_at	2026-04-09T12:55:00Z

value	0.07232
scoring_system	epss
scoring_elements	0.91623
published_at	2026-04-11T12:55:00Z

value	0.07232
scoring_system	epss
scoring_elements	0.91626
published_at	2026-04-12T12:55:00Z

value	0.07232
scoring_system	epss
scoring_elements	0.91622
published_at	2026-04-13T12:55:00Z

value	0.07232
scoring_system	epss
scoring_elements	0.916
published_at	2026-04-07T12:55:00Z

value	0.07232
scoring_system	epss
scoring_elements	0.91613
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-4650

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4650
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4650

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1113527
reference_id	1113527
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1113527

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/33894.txt
reference_id	CVE-2014-4650;OSVDB-108369
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/33894.txt

reference_url	https://www.redteam-pentesting.de/advisories/rt-sa-2014-008
reference_id	CVE-2014-4650;OSVDB-108369
reference_type	exploit
scores
url	https://www.redteam-pentesting.de/advisories/rt-sa-2014-008

reference_url	https://access.redhat.com/errata/RHSA-2015:1064
reference_id	RHSA-2015:1064
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1064

reference_url	https://access.redhat.com/errata/RHSA-2015:1330
reference_id	RHSA-2015:1330
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1330

reference_url	https://access.redhat.com/errata/RHSA-2015:2101
reference_id	RHSA-2015:2101
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2101

reference_url	https://usn.ubuntu.com/2653-1/
reference_id	USN-2653-1
reference_type
scores
url	https://usn.ubuntu.com/2653-1/

fixed_packages

url pkg:deb/debian/python2.7@2.7.9-2

purl pkg:deb/debian/python2.7@2.7.9-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-3mu8-g6x3-effb

vulnerability	VCID-4py6-hkzp-v3d4

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-7jat-6ags-qbdr

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-c97c-3177-wkhx

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gfzb-b7tt-fkgz

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-hcq4-yq9k-jygb

vulnerability	VCID-hgwh-tzsf-suc1

vulnerability	VCID-j9s6-2y47-zbbt

vulnerability	VCID-k18q-3e9y-ykgf

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-ugfy-dufq-hfb2

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-wq7w-nrar-ykde

vulnerability	VCID-wxhp-wayg-qbd1

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

vulnerability	VCID-yqm8-fk44-4yhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.9-2

aliases CVE-2014-4650

risk_score 5.2

exploitability 2.0

weighted_severity 2.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8jfv-cqa8-7yb6

url VCID-9jj2-hsne-mbac

vulnerability_id VCID-9jj2-hsne-mbac

summary security update

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4238.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4238.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-4238

reference_id

reference_type

scores

value	0.02847
scoring_system	epss
scoring_elements	0.8622
published_at	2026-04-13T12:55:00Z

value	0.02847
scoring_system	epss
scoring_elements	0.86201
published_at	2026-04-08T12:55:00Z

value	0.02847
scoring_system	epss
scoring_elements	0.86212
published_at	2026-04-09T12:55:00Z

value	0.02847
scoring_system	epss
scoring_elements	0.86227
published_at	2026-04-11T12:55:00Z

value	0.02847
scoring_system	epss
scoring_elements	0.86224
published_at	2026-04-12T12:55:00Z

value	0.02847
scoring_system	epss
scoring_elements	0.86182
published_at	2026-04-07T12:55:00Z

value	0.02891
scoring_system	epss
scoring_elements	0.86262
published_at	2026-04-02T12:55:00Z

value	0.02891
scoring_system	epss
scoring_elements	0.86279
published_at	2026-04-04T12:55:00Z

value	0.02891
scoring_system	epss
scoring_elements	0.86252
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-4238

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4238
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4238

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719566
reference_id	719566
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=719566

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=996381
reference_id	996381
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=996381

reference_url	https://access.redhat.com/errata/RHSA-2013:1527
reference_id	RHSA-2013:1527
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1527

reference_url	https://access.redhat.com/errata/RHSA-2013:1582
reference_id	RHSA-2013:1582
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2013:1582

reference_url	https://usn.ubuntu.com/1982-1/
reference_id	USN-1982-1
reference_type
scores
url	https://usn.ubuntu.com/1982-1/

reference_url	https://usn.ubuntu.com/1983-1/
reference_id	USN-1983-1
reference_type
scores
url	https://usn.ubuntu.com/1983-1/

reference_url	https://usn.ubuntu.com/1984-1/
reference_id	USN-1984-1
reference_type
scores
url	https://usn.ubuntu.com/1984-1/

reference_url	https://usn.ubuntu.com/1985-1/
reference_id	USN-1985-1
reference_type
scores
url	https://usn.ubuntu.com/1985-1/

fixed_packages

url pkg:deb/debian/python2.7@2.7.9-2

purl pkg:deb/debian/python2.7@2.7.9-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-3mu8-g6x3-effb

vulnerability	VCID-4py6-hkzp-v3d4

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-7jat-6ags-qbdr

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-c97c-3177-wkhx

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gfzb-b7tt-fkgz

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-hcq4-yq9k-jygb

vulnerability	VCID-hgwh-tzsf-suc1

vulnerability	VCID-j9s6-2y47-zbbt

vulnerability	VCID-k18q-3e9y-ykgf

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-ugfy-dufq-hfb2

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-wq7w-nrar-ykde

vulnerability	VCID-wxhp-wayg-qbd1

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

vulnerability	VCID-yqm8-fk44-4yhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.9-2

aliases CVE-2013-4238

risk_score 1.3

exploitability 0.5

weighted_severity 2.6

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9jj2-hsne-mbac

url VCID-ez5b-fvw8-hkh3

vulnerability_id VCID-ez5b-fvw8-hkh3

summary

Multiple vulnerabilities have been found in Python, the worst of
    which could lead to arbitrary code execution.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1912.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1912.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-1912

reference_id

reference_type

scores

value	0.23888
scoring_system	epss
scoring_elements	0.95985
published_at	2026-04-01T12:55:00Z

value	0.23888
scoring_system	epss
scoring_elements	0.95992
published_at	2026-04-02T12:55:00Z

value	0.23888
scoring_system	epss
scoring_elements	0.95999
published_at	2026-04-04T12:55:00Z

value	0.23888
scoring_system	epss
scoring_elements	0.96004
published_at	2026-04-07T12:55:00Z

value	0.23888
scoring_system	epss
scoring_elements	0.96013
published_at	2026-04-08T12:55:00Z

value	0.23888
scoring_system	epss
scoring_elements	0.96016
published_at	2026-04-09T12:55:00Z

value	0.23888
scoring_system	epss
scoring_elements	0.96019
published_at	2026-04-12T12:55:00Z

value	0.23888
scoring_system	epss
scoring_elements	0.96021
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-1912

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4238
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4238

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1062370
reference_id	1062370
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1062370

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/31875.py
reference_id	CVE-2014-1912;OSVDB-102929
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/31875.py

reference_url	https://access.redhat.com/errata/RHSA-2015:1064
reference_id	RHSA-2015:1064
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1064

reference_url	https://access.redhat.com/errata/RHSA-2015:1330
reference_id	RHSA-2015:1330
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1330

reference_url	https://usn.ubuntu.com/2125-1/
reference_id	USN-2125-1
reference_type
scores
url	https://usn.ubuntu.com/2125-1/

fixed_packages

url pkg:deb/debian/python2.7@2.7.9-2

purl pkg:deb/debian/python2.7@2.7.9-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-3mu8-g6x3-effb

vulnerability	VCID-4py6-hkzp-v3d4

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-7jat-6ags-qbdr

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-c97c-3177-wkhx

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gfzb-b7tt-fkgz

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-hcq4-yq9k-jygb

vulnerability	VCID-hgwh-tzsf-suc1

vulnerability	VCID-j9s6-2y47-zbbt

vulnerability	VCID-k18q-3e9y-ykgf

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-ugfy-dufq-hfb2

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-wq7w-nrar-ykde

vulnerability	VCID-wxhp-wayg-qbd1

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

vulnerability	VCID-yqm8-fk44-4yhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.9-2

aliases CVE-2014-1912

risk_score 0.4

exploitability 2.0

weighted_severity 0.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ez5b-fvw8-hkh3

url VCID-f5vu-k9rc-27fz

vulnerability_id VCID-f5vu-k9rc-27fz

summary

Improper Validation of Array Index
Array index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function.

references

reference_url

http://bugs.python.org/issue21529

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://bugs.python.org/issue21529

reference_url

http://lists.opensuse.org/opensuse-updates/2014-07/msg00015.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://lists.opensuse.org/opensuse-updates/2014-07/msg00015.html

reference_url

http://openwall.com/lists/oss-security/2014/06/24/7

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://openwall.com/lists/oss-security/2014/06/24/7

reference_url

http://rhn.redhat.com/errata/RHSA-2015-1064.html

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2015-1064.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4616.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4616.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-4616

reference_id

reference_type

scores

value	0.00557
scoring_system	epss
scoring_elements	0.68161
published_at	2026-04-13T12:55:00Z

value	0.00557
scoring_system	epss
scoring_elements	0.68098
published_at	2026-04-01T12:55:00Z

value	0.00557
scoring_system	epss
scoring_elements	0.6812
published_at	2026-04-02T12:55:00Z

value	0.00557
scoring_system	epss
scoring_elements	0.68139
published_at	2026-04-04T12:55:00Z

value	0.00557
scoring_system	epss
scoring_elements	0.68116
published_at	2026-04-07T12:55:00Z

value	0.00557
scoring_system	epss
scoring_elements	0.68167
published_at	2026-04-08T12:55:00Z

value	0.00557
scoring_system	epss
scoring_elements	0.68182
published_at	2026-04-09T12:55:00Z

value	0.00557
scoring_system	epss
scoring_elements	0.68207
published_at	2026-04-11T12:55:00Z

value	0.00557
scoring_system	epss
scoring_elements	0.68194
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-4616

reference_url

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752395

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752395

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1112285

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1112285

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4616
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4616

reference_url

https://github.com/simplejson/simplejson

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/simplejson/simplejson

reference_url

https://hackerone.com/reports/12297

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://hackerone.com/reports/12297

reference_url

https://security.gentoo.org/glsa/201503-10

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.gentoo.org/glsa/201503-10

reference_url

http://www.securityfocus.com/bid/68119

reference_id

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.securityfocus.com/bid/68119

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-4616

reference_id

CVE-2014-4616

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2014-4616

reference_url

https://github.com/advisories/GHSA-9772-cwx9-r4cj

reference_id

GHSA-9772-cwx9-r4cj

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-9772-cwx9-r4cj

reference_url	https://access.redhat.com/errata/RHSA-2015:1064
reference_id	RHSA-2015:1064
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1064

reference_url	https://access.redhat.com/errata/RHSA-2015:2101
reference_id	RHSA-2015:2101
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2101

reference_url	https://usn.ubuntu.com/2653-1/
reference_id	USN-2653-1
reference_type
scores
url	https://usn.ubuntu.com/2653-1/

fixed_packages

url pkg:deb/debian/python2.7@2.7.9-2

purl pkg:deb/debian/python2.7@2.7.9-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-3mu8-g6x3-effb

vulnerability	VCID-4py6-hkzp-v3d4

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-7jat-6ags-qbdr

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-c97c-3177-wkhx

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gfzb-b7tt-fkgz

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-hcq4-yq9k-jygb

vulnerability	VCID-hgwh-tzsf-suc1

vulnerability	VCID-j9s6-2y47-zbbt

vulnerability	VCID-k18q-3e9y-ykgf

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-ugfy-dufq-hfb2

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-wq7w-nrar-ykde

vulnerability	VCID-wxhp-wayg-qbd1

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

vulnerability	VCID-yqm8-fk44-4yhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.9-2

aliases CVE-2014-4616, GHSA-9772-cwx9-r4cj

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f5vu-k9rc-27fz

url VCID-g81p-pg7g-xfcf

vulnerability_id VCID-g81p-pg7g-xfcf

summary python: wildcard matching rules do not follow RFC 6125

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7440.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-7440.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-7440

reference_id

reference_type

scores

value	0.00358
scoring_system	epss
scoring_elements	0.58025
published_at	2026-04-13T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58045
published_at	2026-04-12T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.57912
published_at	2026-04-01T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.57997
published_at	2026-04-02T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58019
published_at	2026-04-04T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.57993
published_at	2026-04-07T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58048
published_at	2026-04-08T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58052
published_at	2026-04-09T12:55:00Z

value	0.00358
scoring_system	epss
scoring_elements	0.58068
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-7440

reference_url	https://bugs.python.org/issue17997
reference_id
reference_type
scores
url	https://bugs.python.org/issue17997

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7440
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7440

reference_url	http://seclists.org/oss-sec/2015/q2/483
reference_id
reference_type
scores
url	http://seclists.org/oss-sec/2015/q2/483

reference_url	http://seclists.org/oss-sec/2015/q2/523
reference_id
reference_type
scores
url	http://seclists.org/oss-sec/2015/q2/523

reference_url	https://hg.python.org/cpython/rev/10d0edadbcdd
reference_id
reference_type
scores
url	https://hg.python.org/cpython/rev/10d0edadbcdd

reference_url	http://www.securityfocus.com/bid/74707
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/74707

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1224999
reference_id	1224999
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1224999

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::
reference_id	cpe:2.3:a:python:python::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0:::::::*
reference_id	cpe:2.3:a:python:python:3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0.1:::::::*
reference_id	cpe:2.3:a:python:python:3.0.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.0.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1:::::::*
reference_id	cpe:2.3:a:python:python:3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.1:::::::*
reference_id	cpe:2.3:a:python:python:3.1.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2:::::::*
reference_id	cpe:2.3:a:python:python:3.1.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2150::::::x64:
reference_id	cpe:2.3:a:python:python:3.1.2150::::::x64:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.2150::::::x64:

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.3:::::::*
reference_id	cpe:2.3:a:python:python:3.1.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.4:::::::*
reference_id	cpe:2.3:a:python:python:3.1.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.5:::::::*
reference_id	cpe:2.3:a:python:python:3.1.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.1.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:::::::*
reference_id	cpe:2.3:a:python:python:3.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.0:::::::*
reference_id	cpe:2.3:a:python:python:3.2.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.1:::::::*
reference_id	cpe:2.3:a:python:python:3.2.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2:::::::*
reference_id	cpe:2.3:a:python:python:3.2.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2150:::::::*
reference_id	cpe:2.3:a:python:python:3.2.2150:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.2150:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.3:::::::*
reference_id	cpe:2.3:a:python:python:3.2.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.4:::::::*
reference_id	cpe:2.3:a:python:python:3.2.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.5:::::::*
reference_id	cpe:2.3:a:python:python:3.2.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.6:::::::*
reference_id	cpe:2.3:a:python:python:3.2.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:alpha::::::
reference_id	cpe:2.3:a:python:python:3.2:alpha::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.2:alpha::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3:::::::*
reference_id	cpe:2.3:a:python:python:3.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.0:::::::*
reference_id	cpe:2.3:a:python:python:3.3.0:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.0:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.1:::::::*
reference_id	cpe:2.3:a:python:python:3.3.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.1:rc1::::::
reference_id	cpe:2.3:a:python:python:3.3.1:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.1:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.2:::::::*
reference_id	cpe:2.3:a:python:python:3.3.2:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3.2:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3:beta2::::::
reference_id	cpe:2.3:a:python:python:3.3:beta2::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:3.3:beta2::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-7440

reference_id

CVE-2013-7440

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	5.9
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2013-7440

reference_url	https://access.redhat.com/errata/RHSA-2016:1166
reference_id	RHSA-2016:1166
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2016:1166

fixed_packages

url pkg:deb/debian/python2.7@2.7.9-2

purl pkg:deb/debian/python2.7@2.7.9-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-3mu8-g6x3-effb

vulnerability	VCID-4py6-hkzp-v3d4

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-7jat-6ags-qbdr

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-c97c-3177-wkhx

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gfzb-b7tt-fkgz

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-hcq4-yq9k-jygb

vulnerability	VCID-hgwh-tzsf-suc1

vulnerability	VCID-j9s6-2y47-zbbt

vulnerability	VCID-k18q-3e9y-ykgf

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-ugfy-dufq-hfb2

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-wq7w-nrar-ykde

vulnerability	VCID-wxhp-wayg-qbd1

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

vulnerability	VCID-yqm8-fk44-4yhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.9-2

aliases CVE-2013-7440

risk_score 2.6

exploitability 0.5

weighted_severity 5.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g81p-pg7g-xfcf

url VCID-mzd5-dwty-bqhf

vulnerability_id VCID-mzd5-dwty-bqhf

summary

Multiple vulnerabilities have been found in Python, the worst of
    which could lead to arbitrary code execution.

references

reference_url	http://bugs.python.org/issue21831
reference_id
reference_type
scores
url	http://bugs.python.org/issue21831

reference_url	http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
reference_id
reference_type
scores
url	http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html

reference_url	http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139663.html
reference_id
reference_type
scores
url	http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139663.html

reference_url	http://lists.opensuse.org/opensuse-updates/2014-10/msg00016.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-updates/2014-10/msg00016.html

reference_url	http://rhn.redhat.com/errata/RHSA-2015-1064.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2015-1064.html

reference_url	http://rhn.redhat.com/errata/RHSA-2015-1330.html
reference_id
reference_type
scores
url	http://rhn.redhat.com/errata/RHSA-2015-1330.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7185.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7185.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2014-7185

reference_id

reference_type

scores

value	0.0087
scoring_system	epss
scoring_elements	0.75185
published_at	2026-04-13T12:55:00Z

value	0.0087
scoring_system	epss
scoring_elements	0.75142
published_at	2026-04-01T12:55:00Z

value	0.0087
scoring_system	epss
scoring_elements	0.75145
published_at	2026-04-02T12:55:00Z

value	0.0087
scoring_system	epss
scoring_elements	0.75176
published_at	2026-04-04T12:55:00Z

value	0.0087
scoring_system	epss
scoring_elements	0.75152
published_at	2026-04-07T12:55:00Z

value	0.0087
scoring_system	epss
scoring_elements	0.75186
published_at	2026-04-08T12:55:00Z

value	0.0087
scoring_system	epss
scoring_elements	0.75198
published_at	2026-04-09T12:55:00Z

value	0.0087
scoring_system	epss
scoring_elements	0.75219
published_at	2026-04-11T12:55:00Z

value	0.0087
scoring_system	epss
scoring_elements	0.75197
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2014-7185

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7185
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7185

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/96193
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/96193

reference_url	https://security.gentoo.org/glsa/201503-10
reference_id
reference_type
scores
url	https://security.gentoo.org/glsa/201503-10

reference_url	https://support.apple.com/kb/HT205031
reference_id
reference_type
scores
url	https://support.apple.com/kb/HT205031

reference_url	http://www.openwall.com/lists/oss-security/2014/09/23/5
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2014/09/23/5

reference_url	http://www.openwall.com/lists/oss-security/2014/09/25/47
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2014/09/25/47

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

reference_url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
reference_id
reference_type
scores
url	http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

reference_url	http://www.securityfocus.com/bid/70089
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/70089

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1146026
reference_id	1146026
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1146026

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=763848
reference_id	763848
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=763848

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::
reference_id	cpe:2.3:a:python:python::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:::::::*
reference_id	cpe:2.3:a:python:python:2.7.1:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:::::::*
reference_id	cpe:2.3:a:python:python:2.7.1150:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150::::::x64:
reference_id	cpe:2.3:a:python:python:2.7.1150::::::x64:
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150::::::x64:

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:rc1::::::
reference_id	cpe:2.3:a:python:python:2.7.1:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2150:::::::*
reference_id	cpe:2.3:a:python:python:2.7.2150:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2150:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2:rc1::::::
reference_id	cpe:2.3:a:python:python:2.7.2:rc1::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2:rc1::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.3:::::::*
reference_id	cpe:2.3:a:python:python:2.7.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.3:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.4:::::::*
reference_id	cpe:2.3:a:python:python:2.7.4:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.4:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.5:::::::*
reference_id	cpe:2.3:a:python:python:2.7.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.6:::::::*
reference_id	cpe:2.3:a:python:python:2.7.6:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.6:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::
reference_id	cpe:2.3:o:apple:mac_os_x::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2014-7185

reference_id

CVE-2014-7185

reference_type

scores

value	6.4
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2014-7185

reference_url	https://access.redhat.com/errata/RHSA-2015:1064
reference_id	RHSA-2015:1064
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1064

reference_url	https://access.redhat.com/errata/RHSA-2015:1330
reference_id	RHSA-2015:1330
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1330

reference_url	https://access.redhat.com/errata/RHSA-2015:2101
reference_id	RHSA-2015:2101
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2101

reference_url	https://usn.ubuntu.com/2653-1/
reference_id	USN-2653-1
reference_type
scores
url	https://usn.ubuntu.com/2653-1/

fixed_packages

url pkg:deb/debian/python2.7@2.7.9-2

purl pkg:deb/debian/python2.7@2.7.9-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-3mu8-g6x3-effb

vulnerability	VCID-4py6-hkzp-v3d4

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-7jat-6ags-qbdr

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-c97c-3177-wkhx

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gfzb-b7tt-fkgz

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-hcq4-yq9k-jygb

vulnerability	VCID-hgwh-tzsf-suc1

vulnerability	VCID-j9s6-2y47-zbbt

vulnerability	VCID-k18q-3e9y-ykgf

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-ugfy-dufq-hfb2

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-wq7w-nrar-ykde

vulnerability	VCID-wxhp-wayg-qbd1

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

vulnerability	VCID-yqm8-fk44-4yhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.9-2

aliases CVE-2014-7185

risk_score 2.9

exploitability 0.5

weighted_severity 5.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mzd5-dwty-bqhf

url VCID-w85n-mm5g-5yd1

vulnerability_id VCID-w85n-mm5g-5yd1

summary python: XMLRPC library unrestricted decompression of HTTP responses using gzip enconding

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1753.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1753.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-1753

reference_id

reference_type

scores

value	0.00455
scoring_system	epss
scoring_elements	0.63827
published_at	2026-04-13T12:55:00Z

value	0.00455
scoring_system	epss
scoring_elements	0.63875
published_at	2026-04-11T12:55:00Z

value	0.00455
scoring_system	epss
scoring_elements	0.63747
published_at	2026-04-01T12:55:00Z

value	0.00455
scoring_system	epss
scoring_elements	0.63809
published_at	2026-04-02T12:55:00Z

value	0.00455
scoring_system	epss
scoring_elements	0.63835
published_at	2026-04-04T12:55:00Z

value	0.00455
scoring_system	epss
scoring_elements	0.63793
published_at	2026-04-07T12:55:00Z

value	0.00455
scoring_system	epss
scoring_elements	0.63843
published_at	2026-04-08T12:55:00Z

value	0.00455
scoring_system	epss
scoring_elements	0.63861
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-1753

reference_url	https://bugs.python.org/issue16043
reference_id
reference_type
scores
url	https://bugs.python.org/issue16043

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1753
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1753

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1046170
reference_id	1046170
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1046170

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742929
reference_id	742929
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742929

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::
reference_id	cpe:2.3:a:python:python::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-1753

reference_id

CVE-2013-1753

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2013-1753

reference_url	https://access.redhat.com/errata/RHSA-2015:1064
reference_id	RHSA-2015:1064
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:1064

reference_url	https://access.redhat.com/errata/RHSA-2015:2101
reference_id	RHSA-2015:2101
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2015:2101

reference_url	https://usn.ubuntu.com/2653-1/
reference_id	USN-2653-1
reference_type
scores
url	https://usn.ubuntu.com/2653-1/

fixed_packages

url pkg:deb/debian/python2.7@2.7.9-2

purl pkg:deb/debian/python2.7@2.7.9-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-3mu8-g6x3-effb

vulnerability	VCID-4py6-hkzp-v3d4

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-7jat-6ags-qbdr

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-c97c-3177-wkhx

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gfzb-b7tt-fkgz

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-hcq4-yq9k-jygb

vulnerability	VCID-hgwh-tzsf-suc1

vulnerability	VCID-j9s6-2y47-zbbt

vulnerability	VCID-k18q-3e9y-ykgf

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-ugfy-dufq-hfb2

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-wq7w-nrar-ykde

vulnerability	VCID-wxhp-wayg-qbd1

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

vulnerability	VCID-yqm8-fk44-4yhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.9-2

aliases CVE-2013-1753

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w85n-mm5g-5yd1

url VCID-z6kh-961g-duck

vulnerability_id VCID-z6kh-961g-duck

summary

Multiple vulnerabilities have been found in Python, the worst of
    which allow remote attackers to cause a Denial of Service condition.

references

reference_url	http://bugs.python.org/issue6706
reference_id
reference_type
scores
url	http://bugs.python.org/issue6706

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3492.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-3492.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-3492

reference_id

reference_type

scores

value	0.01151
scoring_system	epss
scoring_elements	0.78446
published_at	2026-04-01T12:55:00Z

value	0.01151
scoring_system	epss
scoring_elements	0.78493
published_at	2026-04-08T12:55:00Z

value	0.01151
scoring_system	epss
scoring_elements	0.78498
published_at	2026-04-09T12:55:00Z

value	0.01151
scoring_system	epss
scoring_elements	0.78523
published_at	2026-04-11T12:55:00Z

value	0.01151
scoring_system	epss
scoring_elements	0.78452
published_at	2026-04-02T12:55:00Z

value	0.01151
scoring_system	epss
scoring_elements	0.78483
published_at	2026-04-04T12:55:00Z

value	0.01151
scoring_system	epss
scoring_elements	0.78466
published_at	2026-04-07T12:55:00Z

value	0.01356
scoring_system	epss
scoring_elements	0.80136
published_at	2026-04-12T12:55:00Z

value	0.01356
scoring_system	epss
scoring_elements	0.80127
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-3492

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3492
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3492

reference_url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12111
reference_id
reference_type
scores
url	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12111

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2010:215
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2010:215

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2010:216
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2010:216

reference_url	http://www.openwall.com/lists/oss-security/2010/09/09/6
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2010/09/09/6

reference_url	http://www.openwall.com/lists/oss-security/2010/09/11/2
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2010/09/11/2

reference_url	http://www.openwall.com/lists/oss-security/2010/09/22/3
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2010/09/22/3

reference_url	http://www.openwall.com/lists/oss-security/2010/09/24/3
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2010/09/24/3

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=638330
reference_id	638330
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=638330

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::
reference_id	cpe:2.3:a:python:python::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-3492

reference_id

CVE-2010-3492

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

url

https://nvd.nist.gov/vuln/detail/CVE-2010-3492

reference_url	https://security.gentoo.org/glsa/201401-04
reference_id	GLSA-201401-04
reference_type
scores
url	https://security.gentoo.org/glsa/201401-04

fixed_packages

url pkg:deb/debian/python2.7@2.7.9-2

purl pkg:deb/debian/python2.7@2.7.9-2

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1taa-a9e4-tbc5

vulnerability	VCID-2czu-wy37-qugf

vulnerability	VCID-2shb-2cvn-dyd2

vulnerability	VCID-3mu8-g6x3-effb

vulnerability	VCID-4py6-hkzp-v3d4

vulnerability	VCID-4q79-666d-rygx

vulnerability	VCID-4z89-3tfk-pyge

vulnerability	VCID-57c6-hx7f-efc6

vulnerability	VCID-7jat-6ags-qbdr

vulnerability	VCID-9mcr-rmtb-mufj

vulnerability	VCID-c97c-3177-wkhx

vulnerability	VCID-dkxn-j9dr-sqbp

vulnerability	VCID-dv5v-71b5-budp

vulnerability	VCID-gfzb-b7tt-fkgz

vulnerability	VCID-gkfp-ga1r-jkag

vulnerability	VCID-hcq4-yq9k-jygb

vulnerability	VCID-hgwh-tzsf-suc1

vulnerability	VCID-j9s6-2y47-zbbt

vulnerability	VCID-k18q-3e9y-ykgf

vulnerability	VCID-ppqx-qup8-sqbz

vulnerability	VCID-tyk4-kazt-kydj

vulnerability	VCID-ugfy-dufq-hfb2

vulnerability	VCID-v84j-ugn9-w3c8

vulnerability	VCID-vpwj-d49q-1uh8

vulnerability	VCID-w6k8-js68-87g4

vulnerability	VCID-wq7w-nrar-ykde

vulnerability	VCID-wxhp-wayg-qbd1

vulnerability	VCID-x7h3-nmjt-aud5

vulnerability	VCID-xv9p-nyha-xygv

vulnerability	VCID-yqm8-fk44-4yhk

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.9-2

aliases CVE-2010-3492

risk_score 2.2

exploitability 0.5

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z6kh-961g-duck

Risk_score 8.6

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/python2.7@2.7.9-2

Package Instance