{"url":"http://public2.vulnerablecode.io/api/packages/107131?format=json","purl":"pkg:rpm/redhat/cockpit@160-3?arch=el7","type":"rpm","namespace":"redhat","name":"cockpit","version":"160-3","qualifiers":{"arch":"el7"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/53094?format=json","vulnerability_id":"VCID-3m8h-88sb-f7hk","summary":"Privilege Escalation in Kubernetes\nIn all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary requests over the same connection directly to the backend, authenticated with the Kubernetes API server's TLS credentials used to establish the backend connection.","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3537","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3537"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3549","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3551","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3551"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3598","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3598"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3624","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3624"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3742","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3752","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3752"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:3754","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2018:3754"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1002105.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1002105.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1002105","reference_id":"","reference_type":"","scores":[{"value":"0.90349","scoring_system":"epss","scoring_elements":"0.99605","published_at":"2026-04-24T12:55:00Z"},{"value":"0.90349","scoring_system":"epss","scoring_elements":"0.99606","published_at":"2026-04-29T12:55:00Z"},{"value":"0.90698","scoring_system":"epss","scoring_elements":"0.99621","published_at":"2026-04-18T12:55:00Z"},{"value":"0.90698","scoring_system":"epss","scoring_elements":"0.99619","published_at":"2026-04-02T12:55:00Z"},{"value":"0.90698","scoring_system":"epss","scoring_elements":"0.9962","published_at":"2026-04-07T12:55:00Z"},{"value":"0.90698","scoring_system":"epss","scoring_elements":"0.99622","published_at":"2026-04-16T12:55:00Z"},{"value":"0.90771","scoring_system":"epss","scoring_elements":"0.99634","published_at":"2026-05-12T12:55:00Z"},{"value":"0.90771","scoring_system":"epss","scoring_elements":"0.99632","published_at":"2026-05-09T12:55:00Z"},{"value":"0.90771","scoring_system":"epss","scoring_elements":"0.99631","published_at":"2026-05-05T12:55:00Z"},{"value":"0.90771","scoring_system":"epss","scoring_elements":"0.99633","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1002105"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002105","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1002105"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/evict/poc_CVE-2018-1002105","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/evict/poc_CVE-2018-1002105"},{"reference_url":"https://github.com/kubernetes/kubernetes/commit/2257c1ecbe3c0cf71dd50b82752ae189c94ec905","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/kubernetes/kubernetes/commit/2257c1ecbe3c0cf71dd50b82752ae189c94ec905"},{"reference_url":"https://github.com/kubernetes/kubernetes/issues/71411","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/kubernetes/kubernetes/issues/71411"},{"reference_url":"https://groups.google.com/forum/#!topic/kubernetes-announce/GVllWCg6L88","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!topic/kubernetes-announce/GVllWCg6L88"},{"reference_url":"https://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1002105","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-1002105"},{"reference_url":"https://security.netapp.com/advisory/ntap-20190416-0001","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.netapp.com/advisory/ntap-20190416-0001"},{"reference_url":"https://www.coalfire.com/The-Coalfire-Blog/December-2018/Kubernetes-Vulnerability-What-You-Can-Should-Do","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.coalfire.com/The-Coalfire-Blog/December-2018/Kubernetes-Vulnerability-What-You-Can-Should-Do"},{"reference_url":"https://www.exploit-db.com/exploits/46052","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.exploit-db.com/exploits/46052"},{"reference_url":"https://www.exploit-db.com/exploits/46053","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.exploit-db.com/exploits/46053"},{"reference_url":"https://www.openwall.com/lists/oss-security/2019/06/28/2","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.openwall.com/lists/oss-security/2019/06/28/2"},{"reference_url":"https://www.openwall.com/lists/oss-security/2019/07/06/3","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.openwall.com/lists/oss-security/2019/07/06/3"},{"reference_url":"https://www.openwall.com/lists/oss-security/2019/07/06/4","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.openwall.com/lists/oss-security/2019/07/06/4"},{"reference_url":"https://www.securityfocus.com/bid/106068","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.securityfocus.com/bid/106068"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1648138","reference_id":"1648138","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1648138"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915828","reference_id":"915828","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=915828"},{"reference_url":"https://github.com/evict/poc_CVE-2018-1002105/blob/ed5da79aadad0049d11f89fcb9ed65f987a331a1/unauth_poc.py","reference_id":"CVE-2018-1002105","reference_type":"exploit","scores":[],"url":"https://github.com/evict/poc_CVE-2018-1002105/blob/ed5da79aadad0049d11f89fcb9ed65f987a331a1/unauth_poc.py"},{"reference_url":"https://github.com/evict/poc_CVE-2018-1002105/blob/f704f2e593fbb686b4a5799dc13e8bfcec13f3c3/poc.py","reference_id":"CVE-2018-1002105","reference_type":"exploit","scores":[],"url":"https://github.com/evict/poc_CVE-2018-1002105/blob/f704f2e593fbb686b4a5799dc13e8bfcec13f3c3/poc.py"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/46052.py","reference_id":"CVE-2018-1002105","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/46052.py"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/46053.py","reference_id":"CVE-2018-1002105","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/46053.py"}],"fixed_packages":[],"aliases":["CVE-2018-1002105","GHSA-579h-mv94-g4gp"],"risk_score":10.0,"exploitability":"2.0","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3m8h-88sb-f7hk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83556?format=json","vulnerability_id":"VCID-ep8y-hq9y-afcu","summary":"atomic-openshift: cluster-reader can escalate to creating builds via webhooks in any project","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15138.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15138.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15138","reference_id":"","reference_type":"","scores":[{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37439","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37605","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37628","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37506","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37557","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.3757","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37584","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.3755","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37524","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37571","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37552","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37487","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37267","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37246","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37154","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37036","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37103","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37122","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37042","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00165","scoring_system":"epss","scoring_elements":"0.37017","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15138"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1566212","reference_id":"1566212","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1566212"}],"fixed_packages":[],"aliases":["CVE-2017-15138"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ep8y-hq9y-afcu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/83570?format=json","vulnerability_id":"VCID-vtvy-ec7a-xua9","summary":"atomic-openshift: image import whitelist can be bypassed by creating an imagestream or using oc tag","references":[{"reference_url":"https://access.redhat.com/errata/RHBA-2018:0489","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHBA-2018:0489"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15137.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15137.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15137","reference_id":"","reference_type":"","scores":[{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37698","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.3728","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37369","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.3739","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37308","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.3788","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37904","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37783","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37833","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37846","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37861","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37825","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37799","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37826","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37764","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37527","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37505","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37416","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00167","scoring_system":"epss","scoring_elements":"0.37301","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-15137"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15137","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-15137"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1566191","reference_id":"1566191","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1566191"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:-:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openshift:-:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:-:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:openshift_container_platform:3.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15137","reference_id":"CVE-2017-15137","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"},{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"},{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-15137"}],"fixed_packages":[],"aliases":["CVE-2017-15137"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vtvy-ec7a-xua9"}],"fixing_vulnerabilities":[],"risk_score":"10.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cockpit@160-3%3Farch=el7"}