Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/tfm-rubygem-foreman-tasks-core@0.1.8-1.fm1_15?arch=el7sat
Typerpm
Namespaceredhat
Nametfm-rubygem-foreman-tasks-core
Version0.1.8-1.fm1_15
Qualifiers
arch el7sat
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-18aq-72zg-3uc9
vulnerability_id VCID-18aq-72zg-3uc9
summary puppet: Unsafe YAML deserialization
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2295.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2295.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-2295
reference_id
reference_type
scores
0
value 0.01893
scoring_system epss
scoring_elements 0.8313
published_at 2026-04-01T12:55:00Z
1
value 0.01893
scoring_system epss
scoring_elements 0.83197
published_at 2026-04-13T12:55:00Z
2
value 0.01893
scoring_system epss
scoring_elements 0.83207
published_at 2026-04-11T12:55:00Z
3
value 0.01893
scoring_system epss
scoring_elements 0.83201
published_at 2026-04-12T12:55:00Z
4
value 0.01893
scoring_system epss
scoring_elements 0.83147
published_at 2026-04-02T12:55:00Z
5
value 0.01893
scoring_system epss
scoring_elements 0.83161
published_at 2026-04-04T12:55:00Z
6
value 0.01893
scoring_system epss
scoring_elements 0.83159
published_at 2026-04-07T12:55:00Z
7
value 0.01893
scoring_system epss
scoring_elements 0.83184
published_at 2026-04-08T12:55:00Z
8
value 0.01893
scoring_system epss
scoring_elements 0.83191
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-2295
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2295
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2295
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:C/I:C/A:C
1
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1452651
reference_id 1452651
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1452651
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863212
reference_id 863212
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863212
6
reference_url https://usn.ubuntu.com/3308-1/
reference_id USN-3308-1
reference_type
scores
url https://usn.ubuntu.com/3308-1/
7
reference_url https://usn.ubuntu.com/USN-4804-1/
reference_id USN-USN-4804-1
reference_type
scores
url https://usn.ubuntu.com/USN-4804-1/
fixed_packages
aliases CVE-2017-2295
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-18aq-72zg-3uc9
1
url VCID-1fgf-s31g-pfac
vulnerability_id VCID-1fgf-s31g-pfac
summary foreman: models with a 'belongs_to' association to an Organization do not verify association belongs to that Organization
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8183.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8183.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-8183
reference_id
reference_type
scores
0
value 0.00153
scoring_system epss
scoring_elements 0.3593
published_at 2026-04-01T12:55:00Z
1
value 0.00153
scoring_system epss
scoring_elements 0.36001
published_at 2026-04-13T12:55:00Z
2
value 0.00153
scoring_system epss
scoring_elements 0.36066
published_at 2026-04-11T12:55:00Z
3
value 0.00153
scoring_system epss
scoring_elements 0.36027
published_at 2026-04-12T12:55:00Z
4
value 0.00153
scoring_system epss
scoring_elements 0.36121
published_at 2026-04-02T12:55:00Z
5
value 0.00153
scoring_system epss
scoring_elements 0.36151
published_at 2026-04-04T12:55:00Z
6
value 0.00153
scoring_system epss
scoring_elements 0.35986
published_at 2026-04-07T12:55:00Z
7
value 0.00153
scoring_system epss
scoring_elements 0.36036
published_at 2026-04-08T12:55:00Z
8
value 0.00153
scoring_system epss
scoring_elements 0.36059
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-8183
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:P
1
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1480886
reference_id 1480886
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1480886
fixed_packages
aliases CVE-2014-8183
risk_score 3.4
exploitability 0.5
weighted_severity 6.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1fgf-s31g-pfac
2
url VCID-3j8j-qks5-m3ew
vulnerability_id VCID-3j8j-qks5-m3ew
summary foreman: privilege escalation through Organization and Locations API
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4451.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4451.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4451
reference_id
reference_type
scores
0
value 0.00142
scoring_system epss
scoring_elements 0.34243
published_at 2026-04-01T12:55:00Z
1
value 0.00142
scoring_system epss
scoring_elements 0.34583
published_at 2026-04-02T12:55:00Z
2
value 0.00142
scoring_system epss
scoring_elements 0.3461
published_at 2026-04-04T12:55:00Z
3
value 0.00142
scoring_system epss
scoring_elements 0.34477
published_at 2026-04-07T12:55:00Z
4
value 0.00142
scoring_system epss
scoring_elements 0.3452
published_at 2026-04-08T12:55:00Z
5
value 0.00142
scoring_system epss
scoring_elements 0.34549
published_at 2026-04-09T12:55:00Z
6
value 0.00142
scoring_system epss
scoring_elements 0.34551
published_at 2026-04-11T12:55:00Z
7
value 0.00142
scoring_system epss
scoring_elements 0.34512
published_at 2026-04-12T12:55:00Z
8
value 0.00142
scoring_system epss
scoring_elements 0.34488
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4451
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1339889
reference_id 1339889
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1339889
fixed_packages
aliases CVE-2016-4451
risk_score 2.9
exploitability 0.5
weighted_severity 5.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3j8j-qks5-m3ew
3
url VCID-4d6e-mx3k-yqgk
vulnerability_id VCID-4d6e-mx3k-yqgk
summary foreman: Information leak through organizations and locations feature
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7078.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7078.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-7078
reference_id
reference_type
scores
0
value 0.00316
scoring_system epss
scoring_elements 0.54559
published_at 2026-04-01T12:55:00Z
1
value 0.00316
scoring_system epss
scoring_elements 0.54629
published_at 2026-04-02T12:55:00Z
2
value 0.00316
scoring_system epss
scoring_elements 0.54653
published_at 2026-04-04T12:55:00Z
3
value 0.00316
scoring_system epss
scoring_elements 0.54623
published_at 2026-04-07T12:55:00Z
4
value 0.00316
scoring_system epss
scoring_elements 0.54675
published_at 2026-04-08T12:55:00Z
5
value 0.00316
scoring_system epss
scoring_elements 0.54671
published_at 2026-04-09T12:55:00Z
6
value 0.00316
scoring_system epss
scoring_elements 0.54684
published_at 2026-04-11T12:55:00Z
7
value 0.00316
scoring_system epss
scoring_elements 0.54667
published_at 2026-04-12T12:55:00Z
8
value 0.00316
scoring_system epss
scoring_elements 0.54646
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-7078
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1386244
reference_id 1386244
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1386244
fixed_packages
aliases CVE-2016-7078
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4d6e-mx3k-yqgk
4
url VCID-6bhb-kgf4-abe7
vulnerability_id VCID-6bhb-kgf4-abe7
summary foreman: Stored XSS vulnerability in remote execution plugin
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8613.json
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8613.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-8613
reference_id
reference_type
scores
0
value 0.00737
scoring_system epss
scoring_elements 0.72779
published_at 2026-04-01T12:55:00Z
1
value 0.00737
scoring_system epss
scoring_elements 0.72786
published_at 2026-04-02T12:55:00Z
2
value 0.00737
scoring_system epss
scoring_elements 0.72806
published_at 2026-04-04T12:55:00Z
3
value 0.00737
scoring_system epss
scoring_elements 0.72783
published_at 2026-04-07T12:55:00Z
4
value 0.00737
scoring_system epss
scoring_elements 0.72821
published_at 2026-04-08T12:55:00Z
5
value 0.00737
scoring_system epss
scoring_elements 0.72835
published_at 2026-04-13T12:55:00Z
6
value 0.00737
scoring_system epss
scoring_elements 0.72859
published_at 2026-04-11T12:55:00Z
7
value 0.00737
scoring_system epss
scoring_elements 0.72843
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-8613
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1387232
reference_id 1387232
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1387232
fixed_packages
aliases CVE-2016-8613
risk_score 2.9
exploitability 0.5
weighted_severity 5.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6bhb-kgf4-abe7
5
url VCID-6hub-g2ja-afaw
vulnerability_id VCID-6hub-g2ja-afaw
summary 
Information disclosure vulnerability
safemode for Ruby, when initialized with a delegate object that is a Rails controller, allows context-dependent attackers to obtain sensitive information via the inspect method.
references
0
reference_url http://projects.theforeman.org/issues/14635
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://projects.theforeman.org/issues/14635
1
reference_url http://rubysec.com/advisories/CVE-2016-3693
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rubysec.com/advisories/CVE-2016-3693
2
reference_url https://access.redhat.com/errata/RHSA-2018:0336
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0336
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3693.json
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3693.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3693
reference_id
reference_type
scores
0
value 0.00728
scoring_system epss
scoring_elements 0.72594
published_at 2026-04-04T12:55:00Z
1
value 0.00728
scoring_system epss
scoring_elements 0.72617
published_at 2026-04-13T12:55:00Z
2
value 0.00728
scoring_system epss
scoring_elements 0.72627
published_at 2026-04-12T12:55:00Z
3
value 0.00728
scoring_system epss
scoring_elements 0.72645
published_at 2026-04-11T12:55:00Z
4
value 0.00728
scoring_system epss
scoring_elements 0.72621
published_at 2026-04-09T12:55:00Z
5
value 0.00728
scoring_system epss
scoring_elements 0.72609
published_at 2026-04-08T12:55:00Z
6
value 0.00728
scoring_system epss
scoring_elements 0.7257
published_at 2026-04-01T12:55:00Z
7
value 0.00728
scoring_system epss
scoring_elements 0.72577
published_at 2026-04-02T12:55:00Z
8
value 0.00728
scoring_system epss
scoring_elements 0.72571
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3693
5
reference_url http://seclists.org/oss-sec/2016/q2/119
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements
url http://seclists.org/oss-sec/2016/q2/119
6
reference_url https://github.com/svenfuchs/safemode
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/svenfuchs/safemode
7
reference_url https://github.com/svenfuchs/safemode/commit/0f764a1720a3a68fd2842e21377c8bfad6d7126f
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/svenfuchs/safemode/commit/0f764a1720a3a68fd2842e21377c8bfad6d7126f
8
reference_url https://github.com/theforeman/foreman/commit/82f9b93c54f72c5814df6bab7fad057eab65b2f2
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/theforeman/foreman/commit/82f9b93c54f72c5814df6bab7fad057eab65b2f2
9
reference_url http://theforeman.org/security.html#2016-3693
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://theforeman.org/security.html#2016-3693
10
reference_url http://www.openwall.com/lists/oss-security/2016/04/20/8
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/04/20/8
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1327471
reference_id 1327471
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1327471
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:safemode_project:safemode:*:*:*:*:*:ruby:*:*
reference_id cpe:2.3:a:safemode_project:safemode:*:*:*:*:*:ruby:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:safemode_project:safemode:*:*:*:*:*:ruby:*:*
13
reference_url http://rubysec.com/advisories/CVE-2016-3693/
reference_id CVE-2016-3693
reference_type
scores
url http://rubysec.com/advisories/CVE-2016-3693/
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3693
reference_id CVE-2016-3693
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3693
15
reference_url https://github.com/advisories/GHSA-c92m-rrrc-q5wf
reference_id GHSA-c92m-rrrc-q5wf
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c92m-rrrc-q5wf
fixed_packages
aliases CVE-2016-3693, GHSA-c92m-rrrc-q5wf
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6hub-g2ja-afaw
6
url VCID-6jdw-pp1b-1qan
vulnerability_id VCID-6jdw-pp1b-1qan
summary katello-debug: Possible symlink attacks due to use of predictable file names
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9595.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9595.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9595
reference_id
reference_type
scores
0
value 0.00042
scoring_system epss
scoring_elements 0.12806
published_at 2026-04-01T12:55:00Z
1
value 0.00042
scoring_system epss
scoring_elements 0.12904
published_at 2026-04-02T12:55:00Z
2
value 0.00042
scoring_system epss
scoring_elements 0.12954
published_at 2026-04-04T12:55:00Z
3
value 0.00042
scoring_system epss
scoring_elements 0.12756
published_at 2026-04-07T12:55:00Z
4
value 0.00042
scoring_system epss
scoring_elements 0.12836
published_at 2026-04-08T12:55:00Z
5
value 0.00042
scoring_system epss
scoring_elements 0.12887
published_at 2026-04-09T12:55:00Z
6
value 0.00042
scoring_system epss
scoring_elements 0.12853
published_at 2026-04-11T12:55:00Z
7
value 0.00042
scoring_system epss
scoring_elements 0.12815
published_at 2026-04-12T12:55:00Z
8
value 0.00042
scoring_system epss
scoring_elements 0.1277
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9595
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1406729
reference_id 1406729
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1406729
fixed_packages
aliases CVE-2016-9595
risk_score 3.3
exploitability 0.5
weighted_severity 6.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6jdw-pp1b-1qan
7
url VCID-7zj1-ye9x-cueu
vulnerability_id VCID-7zj1-ye9x-cueu
summary pulp: Leakage of CA key in pulp-qpid-ssl-cfg
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3696.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3696.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3696
reference_id
reference_type
scores
0
value 0.00053
scoring_system epss
scoring_elements 0.16633
published_at 2026-04-01T12:55:00Z
1
value 0.00053
scoring_system epss
scoring_elements 0.16806
published_at 2026-04-02T12:55:00Z
2
value 0.00053
scoring_system epss
scoring_elements 0.16863
published_at 2026-04-04T12:55:00Z
3
value 0.00053
scoring_system epss
scoring_elements 0.16648
published_at 2026-04-07T12:55:00Z
4
value 0.00053
scoring_system epss
scoring_elements 0.16732
published_at 2026-04-08T12:55:00Z
5
value 0.00053
scoring_system epss
scoring_elements 0.16786
published_at 2026-04-09T12:55:00Z
6
value 0.00053
scoring_system epss
scoring_elements 0.16766
published_at 2026-04-11T12:55:00Z
7
value 0.00053
scoring_system epss
scoring_elements 0.16723
published_at 2026-04-12T12:55:00Z
8
value 0.00053
scoring_system epss
scoring_elements 0.16666
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3696
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1328930
reference_id 1328930
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1328930
fixed_packages
aliases CVE-2016-3696
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7zj1-ye9x-cueu
8
url VCID-8fnw-r4f3-xqcg
vulnerability_id VCID-8fnw-r4f3-xqcg
summary foreman: Image password leak
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:0336
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:0336
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2672.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2672.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-2672
reference_id
reference_type
scores
0
value 0.00175
scoring_system epss
scoring_elements 0.38794
published_at 2026-04-01T12:55:00Z
1
value 0.00175
scoring_system epss
scoring_elements 0.38893
published_at 2026-04-13T12:55:00Z
2
value 0.00175
scoring_system epss
scoring_elements 0.38945
published_at 2026-04-09T12:55:00Z
3
value 0.00175
scoring_system epss
scoring_elements 0.38956
published_at 2026-04-11T12:55:00Z
4
value 0.00175
scoring_system epss
scoring_elements 0.3892
published_at 2026-04-12T12:55:00Z
5
value 0.00175
scoring_system epss
scoring_elements 0.38927
published_at 2026-04-02T12:55:00Z
6
value 0.00175
scoring_system epss
scoring_elements 0.38949
published_at 2026-04-04T12:55:00Z
7
value 0.00175
scoring_system epss
scoring_elements 0.38879
published_at 2026-04-07T12:55:00Z
8
value 0.00175
scoring_system epss
scoring_elements 0.38931
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-2672
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2672
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2672
4
reference_url https://projects.theforeman.org/issues/19169
reference_id
reference_type
scores
url https://projects.theforeman.org/issues/19169
5
reference_url http://www.securityfocus.com/bid/97526
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/97526
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1439537
reference_id 1439537
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1439537
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:6.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:satellite:6.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:satellite:6.3:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:theforeman:foreman:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-2672
reference_id CVE-2017-2672
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:N/A:N
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2017-2672
fixed_packages
aliases CVE-2017-2672
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8fnw-r4f3-xqcg
9
url VCID-asqu-5r9h-9yav
vulnerability_id VCID-asqu-5r9h-9yav
summary 
SQL Injection
An SQL injection was found in katello's errata-related API. An authenticated remote attacker can craft input data to force a malformed SQL query to the backend database, which will leak internal IDs. This is issue is related to an incomplete fix for CVE-2016-3072.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:0336
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0336
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14623.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14623.json
2
reference_url https://access.redhat.com/security/cve/CVE-2018-14623
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2018-14623
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-14623
reference_id
reference_type
scores
0
value 0.00137
scoring_system epss
scoring_elements 0.33684
published_at 2026-04-04T12:55:00Z
1
value 0.00137
scoring_system epss
scoring_elements 0.33529
published_at 2026-04-13T12:55:00Z
2
value 0.00137
scoring_system epss
scoring_elements 0.33553
published_at 2026-04-12T12:55:00Z
3
value 0.00137
scoring_system epss
scoring_elements 0.33594
published_at 2026-04-11T12:55:00Z
4
value 0.00137
scoring_system epss
scoring_elements 0.33601
published_at 2026-04-09T12:55:00Z
5
value 0.00137
scoring_system epss
scoring_elements 0.33567
published_at 2026-04-08T12:55:00Z
6
value 0.00137
scoring_system epss
scoring_elements 0.33523
published_at 2026-04-07T12:55:00Z
7
value 0.00137
scoring_system epss
scoring_elements 0.33496
published_at 2026-04-01T12:55:00Z
8
value 0.00137
scoring_system epss
scoring_elements 0.3365
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-14623
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1623719
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1623719
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14623
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements
1
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14623
6
reference_url https://github.com/Katello/katello
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/Katello/katello
7
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/katello/CVE-2018-14623.yml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/katello/CVE-2018-14623.yml
8
reference_url https://web.archive.org/web/20200227100255/http://www.securityfocus.com/bid/106224
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227100255/http://www.securityfocus.com/bid/106224
9
reference_url http://www.securityfocus.com/bid/106224
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/106224
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-14623
reference_id CVE-2018-14623
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-14623
11
reference_url https://github.com/advisories/GHSA-527r-mfmj-prqf
reference_id GHSA-527r-mfmj-prqf
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-527r-mfmj-prqf
12
reference_url https://github.com/advisories/GHSA-jx5v-788g-qw58
reference_id GHSA-jx5v-788g-qw58
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jx5v-788g-qw58
fixed_packages
aliases CVE-2018-14623, GHSA-jx5v-788g-qw58
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-asqu-5r9h-9yav
10
url VCID-avsj-f1g8-yfen
vulnerability_id VCID-avsj-f1g8-yfen
summary foreman: Persistent XSS in Foreman remote execution plugin
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6319.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-6319.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-6319
reference_id
reference_type
scores
0
value 0.00734
scoring_system epss
scoring_elements 0.72684
published_at 2026-04-01T12:55:00Z
1
value 0.00734
scoring_system epss
scoring_elements 0.72692
published_at 2026-04-02T12:55:00Z
2
value 0.00734
scoring_system epss
scoring_elements 0.72711
published_at 2026-04-04T12:55:00Z
3
value 0.00734
scoring_system epss
scoring_elements 0.72688
published_at 2026-04-07T12:55:00Z
4
value 0.00734
scoring_system epss
scoring_elements 0.72727
published_at 2026-04-08T12:55:00Z
5
value 0.00734
scoring_system epss
scoring_elements 0.7274
published_at 2026-04-09T12:55:00Z
6
value 0.00734
scoring_system epss
scoring_elements 0.72764
published_at 2026-04-11T12:55:00Z
7
value 0.00734
scoring_system epss
scoring_elements 0.72748
published_at 2026-04-12T12:55:00Z
8
value 0.00734
scoring_system epss
scoring_elements 0.72738
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-6319
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1365815
reference_id 1365815
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1365815
fixed_packages
aliases CVE-2016-6319
risk_score 2.8
exploitability 0.5
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-avsj-f1g8-yfen
11
url VCID-bvrv-wvt6-8yfy
vulnerability_id VCID-bvrv-wvt6-8yfy
summary 
Improper Certificate Validation
Hammer CLI, a CLI utility for Foreman, does not explicitly set the `verify_ssl` flag for `apipie-bindings`. As a result the server certificates are not checked and connections are prone to man-in-the-middle attacks.
references
0
reference_url http://projects.theforeman.org/issues/19033
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://projects.theforeman.org/issues/19033
1
reference_url https://access.redhat.com/errata/RHSA-2018:0336
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0336
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2667.json
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:A/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2667.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-2667
reference_id
reference_type
scores
0
value 0.00111
scoring_system epss
scoring_elements 0.29494
published_at 2026-04-12T12:55:00Z
1
value 0.00111
scoring_system epss
scoring_elements 0.29538
published_at 2026-04-11T12:55:00Z
2
value 0.00111
scoring_system epss
scoring_elements 0.29535
published_at 2026-04-09T12:55:00Z
3
value 0.00111
scoring_system epss
scoring_elements 0.29433
published_at 2026-04-07T12:55:00Z
4
value 0.00111
scoring_system epss
scoring_elements 0.29612
published_at 2026-04-04T12:55:00Z
5
value 0.00111
scoring_system epss
scoring_elements 0.29564
published_at 2026-04-02T12:55:00Z
6
value 0.00111
scoring_system epss
scoring_elements 0.29496
published_at 2026-04-08T12:55:00Z
7
value 0.00111
scoring_system epss
scoring_elements 0.29442
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-2667
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1436262
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1436262
5
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/hammer_cli_foreman/CVE-2017-2667.yml
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/hammer_cli_foreman/CVE-2017-2667.yml
6
reference_url https://github.com/theforeman/hammer-cli-foreman
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/theforeman/hammer-cli-foreman
7
reference_url https://web.archive.org/web/20200227181720/http://www.securityfocus.com/bid/97153
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227181720/http://www.securityfocus.com/bid/97153
8
reference_url http://www.securityfocus.com/bid/97153
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/97153
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-2667
reference_id CVE-2017-2667
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-2667
10
reference_url https://github.com/advisories/GHSA-77h8-xr85-3x5q
reference_id GHSA-77h8-xr85-3x5q
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-77h8-xr85-3x5q
fixed_packages
aliases CVE-2017-2667, GHSA-77h8-xr85-3x5q
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bvrv-wvt6-8yfy
12
url VCID-cc8z-r1zy-23f2
vulnerability_id VCID-cc8z-r1zy-23f2
summary foreman: Information disclosure in provisioning template previews
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4995.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4995.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4995
reference_id
reference_type
scores
0
value 0.00298
scoring_system epss
scoring_elements 0.53142
published_at 2026-04-01T12:55:00Z
1
value 0.00298
scoring_system epss
scoring_elements 0.53166
published_at 2026-04-02T12:55:00Z
2
value 0.00298
scoring_system epss
scoring_elements 0.53191
published_at 2026-04-04T12:55:00Z
3
value 0.00298
scoring_system epss
scoring_elements 0.53159
published_at 2026-04-07T12:55:00Z
4
value 0.00298
scoring_system epss
scoring_elements 0.53212
published_at 2026-04-08T12:55:00Z
5
value 0.00298
scoring_system epss
scoring_elements 0.53206
published_at 2026-04-09T12:55:00Z
6
value 0.00298
scoring_system epss
scoring_elements 0.53257
published_at 2026-04-11T12:55:00Z
7
value 0.00298
scoring_system epss
scoring_elements 0.53243
published_at 2026-04-12T12:55:00Z
8
value 0.00298
scoring_system epss
scoring_elements 0.53226
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4995
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1348939
reference_id 1348939
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1348939
fixed_packages
aliases CVE-2016-4995
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cc8z-r1zy-23f2
13
url VCID-dfb9-31gj-57fs
vulnerability_id VCID-dfb9-31gj-57fs
summary foreman: Stored XSS in org/loc wizard
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8634.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8634.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-8634
reference_id
reference_type
scores
0
value 0.00328
scoring_system epss
scoring_elements 0.55554
published_at 2026-04-01T12:55:00Z
1
value 0.00328
scoring_system epss
scoring_elements 0.55665
published_at 2026-04-02T12:55:00Z
2
value 0.00328
scoring_system epss
scoring_elements 0.55688
published_at 2026-04-04T12:55:00Z
3
value 0.00328
scoring_system epss
scoring_elements 0.55667
published_at 2026-04-07T12:55:00Z
4
value 0.00328
scoring_system epss
scoring_elements 0.55718
published_at 2026-04-08T12:55:00Z
5
value 0.00328
scoring_system epss
scoring_elements 0.55721
published_at 2026-04-09T12:55:00Z
6
value 0.00328
scoring_system epss
scoring_elements 0.5573
published_at 2026-04-11T12:55:00Z
7
value 0.00328
scoring_system epss
scoring_elements 0.5571
published_at 2026-04-12T12:55:00Z
8
value 0.00328
scoring_system epss
scoring_elements 0.55693
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-8634
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1391520
reference_id 1391520
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1391520
fixed_packages
aliases CVE-2016-8634
risk_score 2.8
exploitability 0.5
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dfb9-31gj-57fs
14
url VCID-dh5x-wb2a-1ufj
vulnerability_id VCID-dh5x-wb2a-1ufj
summary 
XSS vulnerabiliy in generated pagination links
The package will_paginate generate pagination links without escaping result. If user-controlled data is sent to will_paginate, there is a potential XSS vulnerability.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:0336
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:0336
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6459.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6459.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-6459
reference_id
reference_type
scores
0
value 0.00257
scoring_system epss
scoring_elements 0.49082
published_at 2026-04-13T12:55:00Z
1
value 0.00257
scoring_system epss
scoring_elements 0.49103
published_at 2026-04-11T12:55:00Z
2
value 0.00257
scoring_system epss
scoring_elements 0.49086
published_at 2026-04-09T12:55:00Z
3
value 0.00257
scoring_system epss
scoring_elements 0.49076
published_at 2026-04-12T12:55:00Z
4
value 0.00257
scoring_system epss
scoring_elements 0.49089
published_at 2026-04-08T12:55:00Z
5
value 0.00361
scoring_system epss
scoring_elements 0.58205
published_at 2026-04-02T12:55:00Z
6
value 0.00361
scoring_system epss
scoring_elements 0.58119
published_at 2026-04-01T12:55:00Z
7
value 0.00361
scoring_system epss
scoring_elements 0.58225
published_at 2026-04-04T12:55:00Z
8
value 0.00361
scoring_system epss
scoring_elements 0.582
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-6459
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6459
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6459
4
reference_url https://github.com/mislav/will_paginate
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mislav/will_paginate
5
reference_url https://github.com/mislav/will_paginate/releases/tag/v3.0.5
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/mislav/will_paginate/releases/tag/v3.0.5
6
reference_url https://groups.google.com/forum/#!topic/will_paginate/Dguinf-5Sbw
reference_id
reference_type
scores
url https://groups.google.com/forum/#!topic/will_paginate/Dguinf-5Sbw
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-6459
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-6459
8
reference_url https://web.archive.org/web/20150709163604/http://www.securityfocus.com/bid/64509
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20150709163604/http://www.securityfocus.com/bid/64509
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1046642
reference_id 1046642
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1046642
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733209
reference_id 733209
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=733209
11
reference_url https://github.com/advisories/GHSA-8r6h-7x9g-xmw9
reference_id GHSA-8r6h-7x9g-xmw9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8r6h-7x9g-xmw9
fixed_packages
aliases CVE-2013-6459, GHSA-8r6h-7x9g-xmw9, OSV-101138
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dh5x-wb2a-1ufj
15
url VCID-dtva-ze8n-vycd
vulnerability_id VCID-dtva-ze8n-vycd
summary foreman: inside discovery-debug, the root password is displayed in plaintext
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4996.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-4996.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-4996
reference_id
reference_type
scores
0
value 0.0004
scoring_system epss
scoring_elements 0.1207
published_at 2026-04-01T12:55:00Z
1
value 0.0004
scoring_system epss
scoring_elements 0.1218
published_at 2026-04-02T12:55:00Z
2
value 0.0004
scoring_system epss
scoring_elements 0.12226
published_at 2026-04-04T12:55:00Z
3
value 0.0004
scoring_system epss
scoring_elements 0.12028
published_at 2026-04-07T12:55:00Z
4
value 0.0004
scoring_system epss
scoring_elements 0.1211
published_at 2026-04-08T12:55:00Z
5
value 0.0004
scoring_system epss
scoring_elements 0.12161
published_at 2026-04-09T12:55:00Z
6
value 0.0004
scoring_system epss
scoring_elements 0.12169
published_at 2026-04-11T12:55:00Z
7
value 0.0004
scoring_system epss
scoring_elements 0.12132
published_at 2026-04-12T12:55:00Z
8
value 0.0004
scoring_system epss
scoring_elements 0.121
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-4996
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1349136
reference_id 1349136
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1349136
fixed_packages
aliases CVE-2016-4996
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dtva-ze8n-vycd
16
url VCID-e488-4fjn-z3g2
vulnerability_id VCID-e488-4fjn-z3g2
summary foreman: Foreman information leak through unauthorized multiple_checkboxes helper
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7077.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7077.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-7077
reference_id
reference_type
scores
0
value 0.00251
scoring_system epss
scoring_elements 0.48346
published_at 2026-04-01T12:55:00Z
1
value 0.00251
scoring_system epss
scoring_elements 0.48381
published_at 2026-04-02T12:55:00Z
2
value 0.00251
scoring_system epss
scoring_elements 0.48402
published_at 2026-04-04T12:55:00Z
3
value 0.00251
scoring_system epss
scoring_elements 0.48355
published_at 2026-04-07T12:55:00Z
4
value 0.00251
scoring_system epss
scoring_elements 0.4841
published_at 2026-04-08T12:55:00Z
5
value 0.00251
scoring_system epss
scoring_elements 0.48404
published_at 2026-04-09T12:55:00Z
6
value 0.00251
scoring_system epss
scoring_elements 0.48428
published_at 2026-04-11T12:55:00Z
7
value 0.00251
scoring_system epss
scoring_elements 0.48403
published_at 2026-04-12T12:55:00Z
8
value 0.00251
scoring_system epss
scoring_elements 0.48415
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-7077
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1385777
reference_id 1385777
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1385777
fixed_packages
aliases CVE-2016-7077
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e488-4fjn-z3g2
17
url VCID-egve-f1uw-nfff
vulnerability_id VCID-egve-f1uw-nfff
summary foreman-debug: missing obfuscation of sensitive information
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9593.json
reference_id
reference_type
scores
0
value 4.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-9593.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-9593
reference_id
reference_type
scores
0
value 0.00218
scoring_system epss
scoring_elements 0.44351
published_at 2026-04-01T12:55:00Z
1
value 0.00218
scoring_system epss
scoring_elements 0.44437
published_at 2026-04-12T12:55:00Z
2
value 0.00218
scoring_system epss
scoring_elements 0.44458
published_at 2026-04-04T12:55:00Z
3
value 0.00218
scoring_system epss
scoring_elements 0.44394
published_at 2026-04-07T12:55:00Z
4
value 0.00218
scoring_system epss
scoring_elements 0.44445
published_at 2026-04-08T12:55:00Z
5
value 0.00218
scoring_system epss
scoring_elements 0.44452
published_at 2026-04-09T12:55:00Z
6
value 0.00218
scoring_system epss
scoring_elements 0.44468
published_at 2026-04-11T12:55:00Z
7
value 0.00218
scoring_system epss
scoring_elements 0.44436
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-9593
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1406384
reference_id 1406384
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1406384
fixed_packages
aliases CVE-2016-9593
risk_score 2.1
exploitability 0.5
weighted_severity 4.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-egve-f1uw-nfff
18
url VCID-kra9-9yr7-nbg6
vulnerability_id VCID-kra9-9yr7-nbg6
summary Interconnect: Denial of Service vulnerability in Red Hat JBoss AMQ Interconnect
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15699.json
reference_id
reference_type
scores
0
value 6.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15699.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-15699
reference_id
reference_type
scores
0
value 0.01602
scoring_system epss
scoring_elements 0.81637
published_at 2026-04-01T12:55:00Z
1
value 0.01602
scoring_system epss
scoring_elements 0.81649
published_at 2026-04-02T12:55:00Z
2
value 0.01602
scoring_system epss
scoring_elements 0.81671
published_at 2026-04-04T12:55:00Z
3
value 0.01602
scoring_system epss
scoring_elements 0.81669
published_at 2026-04-07T12:55:00Z
4
value 0.01602
scoring_system epss
scoring_elements 0.81695
published_at 2026-04-08T12:55:00Z
5
value 0.01602
scoring_system epss
scoring_elements 0.817
published_at 2026-04-13T12:55:00Z
6
value 0.01602
scoring_system epss
scoring_elements 0.81719
published_at 2026-04-11T12:55:00Z
7
value 0.01602
scoring_system epss
scoring_elements 0.81707
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-15699
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1512724
reference_id 1512724
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1512724
fixed_packages
aliases CVE-2017-15699
risk_score 2.7
exploitability 0.5
weighted_severity 5.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kra9-9yr7-nbg6
19
url VCID-p8ab-a4gk-eyd2
vulnerability_id VCID-p8ab-a4gk-eyd2
summary 
Multiple vulnerabilities have been found in the Chromium web
    browser, the worst of which allows remote attackers to execute arbitrary
    code.
references
0
reference_url http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html
reference_id
reference_type
scores
url http://googlechromereleases.blogspot.com/2016/05/stable-channel-update.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00043.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00043.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00050.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00050.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00048.html
4
reference_url http://lists.opensuse.org/opensuse-updates/2016-07/msg00063.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2016-07/msg00063.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2016-1080.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-1080.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2017-0002.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2017-0002.html
7
reference_url https://access.redhat.com/errata/RHSA-2018:0336
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:0336
8
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1669.json
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1669.json
9
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-1669
reference_id
reference_type
scores
0
value 0.01626
scoring_system epss
scoring_elements 0.81796
published_at 2026-04-01T12:55:00Z
1
value 0.01626
scoring_system epss
scoring_elements 0.81861
published_at 2026-04-13T12:55:00Z
2
value 0.01626
scoring_system epss
scoring_elements 0.8186
published_at 2026-04-09T12:55:00Z
3
value 0.01626
scoring_system epss
scoring_elements 0.81879
published_at 2026-04-11T12:55:00Z
4
value 0.01626
scoring_system epss
scoring_elements 0.81867
published_at 2026-04-12T12:55:00Z
5
value 0.01626
scoring_system epss
scoring_elements 0.81807
published_at 2026-04-02T12:55:00Z
6
value 0.01626
scoring_system epss
scoring_elements 0.81829
published_at 2026-04-04T12:55:00Z
7
value 0.01626
scoring_system epss
scoring_elements 0.81827
published_at 2026-04-07T12:55:00Z
8
value 0.01626
scoring_system epss
scoring_elements 0.81853
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-1669
10
reference_url https://codereview.chromium.org/1945313002
reference_id
reference_type
scores
url https://codereview.chromium.org/1945313002
11
reference_url https://crbug.com/606115
reference_id
reference_type
scores
url https://crbug.com/606115
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10403
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10403
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1667
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1667
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1668
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1668
15
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1669
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1669
16
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1670
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1670
17
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1672
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1672
18
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1673
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1673
19
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1674
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1674
20
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1675
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1675
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1676
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1676
22
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1677
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1677
23
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1678
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1678
24
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1679
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1679
25
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1680
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1680
26
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1681
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1681
27
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1682
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1682
28
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1683
29
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1684
30
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1685
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1685
31
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1686
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1686
32
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1687
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1687
33
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1688
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1688
34
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1689
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1689
35
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1690
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1690
36
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1691
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1691
37
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1692
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1692
38
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1693
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1693
39
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1694
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1694
40
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1695
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1695
41
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
42
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541
reference_id
reference_type
scores
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541
43
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CITS5GIUTNWVSUXMSORIAJJLQBEGL2CK/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CITS5GIUTNWVSUXMSORIAJJLQBEGL2CK/
44
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZPTKXI62OPCJCJGCSFMST4HIBQ27J72W/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZPTKXI62OPCJCJGCSFMST4HIBQ27J72W/
45
reference_url http://www.debian.org/security/2016/dsa-3590
reference_id
reference_type
scores
url http://www.debian.org/security/2016/dsa-3590
46
reference_url http://www.securityfocus.com/bid/90584
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/90584
47
reference_url http://www.securitytracker.com/id/1035872
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1035872
48
reference_url http://www.ubuntu.com/usn/USN-2960-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-2960-1
49
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1335449
reference_id 1335449
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1335449
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:v8:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:google:v8:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:google:v8:*:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
reference_id cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
59
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
60
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-1669
reference_id CVE-2016-1669
reference_type
scores
0
value 9.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:C/I:C/A:C
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-1669
61
reference_url https://security.gentoo.org/glsa/201605-02
reference_id GLSA-201605-02
reference_type
scores
url https://security.gentoo.org/glsa/201605-02
62
reference_url https://access.redhat.com/errata/RHSA-2016:1080
reference_id RHSA-2016:1080
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1080
63
reference_url https://access.redhat.com/errata/RHSA-2017:0002
reference_id RHSA-2017:0002
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0002
64
reference_url https://access.redhat.com/errata/RHSA-2017:0879
reference_id RHSA-2017:0879
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0879
65
reference_url https://access.redhat.com/errata/RHSA-2017:0880
reference_id RHSA-2017:0880
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0880
66
reference_url https://access.redhat.com/errata/RHSA-2017:0881
reference_id RHSA-2017:0881
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0881
67
reference_url https://access.redhat.com/errata/RHSA-2017:0882
reference_id RHSA-2017:0882
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:0882
68
reference_url https://usn.ubuntu.com/2960-1/
reference_id USN-2960-1
reference_type
scores
url https://usn.ubuntu.com/2960-1/
fixed_packages
aliases CVE-2016-1669
risk_score 4.2
exploitability 0.5
weighted_severity 8.4
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p8ab-a4gk-eyd2
20
url VCID-ph9r-qphf-8fam
vulnerability_id VCID-ph9r-qphf-8fam
summary pulp: Unsafe use of bash $RANDOM for NSS DB password and seed
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3704.json
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3704.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3704
reference_id
reference_type
scores
0
value 0.00543
scoring_system epss
scoring_elements 0.67647
published_at 2026-04-01T12:55:00Z
1
value 0.00543
scoring_system epss
scoring_elements 0.67682
published_at 2026-04-07T12:55:00Z
2
value 0.00543
scoring_system epss
scoring_elements 0.67702
published_at 2026-04-04T12:55:00Z
3
value 0.00543
scoring_system epss
scoring_elements 0.67734
published_at 2026-04-08T12:55:00Z
4
value 0.00543
scoring_system epss
scoring_elements 0.67748
published_at 2026-04-09T12:55:00Z
5
value 0.00543
scoring_system epss
scoring_elements 0.67771
published_at 2026-04-11T12:55:00Z
6
value 0.00543
scoring_system epss
scoring_elements 0.67757
published_at 2026-04-12T12:55:00Z
7
value 0.00543
scoring_system epss
scoring_elements 0.67724
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3704
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1330264
reference_id 1330264
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1330264
fixed_packages
aliases CVE-2016-3704
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ph9r-qphf-8fam
21
url VCID-sa68-rwqe-tfgp
vulnerability_id VCID-sa68-rwqe-tfgp
summary foreman: Stored XSS via organization/location with HTML in name
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8639.json
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8639.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-8639
reference_id
reference_type
scores
0
value 0.00582
scoring_system epss
scoring_elements 0.68875
published_at 2026-04-01T12:55:00Z
1
value 0.00582
scoring_system epss
scoring_elements 0.68893
published_at 2026-04-02T12:55:00Z
2
value 0.00582
scoring_system epss
scoring_elements 0.68914
published_at 2026-04-04T12:55:00Z
3
value 0.00582
scoring_system epss
scoring_elements 0.68894
published_at 2026-04-07T12:55:00Z
4
value 0.00582
scoring_system epss
scoring_elements 0.68944
published_at 2026-04-08T12:55:00Z
5
value 0.00582
scoring_system epss
scoring_elements 0.68963
published_at 2026-04-09T12:55:00Z
6
value 0.00582
scoring_system epss
scoring_elements 0.68986
published_at 2026-04-11T12:55:00Z
7
value 0.00582
scoring_system epss
scoring_elements 0.68971
published_at 2026-04-12T12:55:00Z
8
value 0.00582
scoring_system epss
scoring_elements 0.68941
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-8639
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1393291
reference_id 1393291
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1393291
fixed_packages
aliases CVE-2016-8639
risk_score 2.8
exploitability 0.5
weighted_severity 5.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sa68-rwqe-tfgp
Fixing_vulnerabilities
Risk_score4.2
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/tfm-rubygem-foreman-tasks-core@0.1.8-1.fm1_15%3Farch=el7sat