Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/openshift-ansible@3.2.42-1.git.0.6b09be9?arch=el7
Typerpm
Namespaceredhat
Nameopenshift-ansible
Version3.2.42-1.git.0.6b09be9
Qualifiers
arch el7
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-q4q1-aueh-sub2
vulnerability_id VCID-q4q1-aueh-sub2
summary Ansible before version 2.2.0 fails to properly sanitize fact variables sent from the Ansible controller. An attacker with the ability to create special variables on the controller could execute arbitrary commands on Ansible clients as the user Ansible runs as.
references
0
reference_url https://access.redhat.com/errata/RHSA-2016:2778
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:2778
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8628.json
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-8628.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-8628
reference_id
reference_type
scores
0
value 0.00422
scoring_system epss
scoring_elements 0.62098
published_at 2026-04-09T12:55:00Z
1
value 0.00422
scoring_system epss
scoring_elements 0.6208
published_at 2026-04-08T12:55:00Z
2
value 0.00422
scoring_system epss
scoring_elements 0.62031
published_at 2026-04-07T12:55:00Z
3
value 0.00422
scoring_system epss
scoring_elements 0.62061
published_at 2026-04-04T12:55:00Z
4
value 0.00422
scoring_system epss
scoring_elements 0.6203
published_at 2026-04-02T12:55:00Z
5
value 0.00422
scoring_system epss
scoring_elements 0.62118
published_at 2026-04-11T12:55:00Z
6
value 0.00422
scoring_system epss
scoring_elements 0.62107
published_at 2026-04-12T12:55:00Z
7
value 0.00422
scoring_system epss
scoring_elements 0.62086
published_at 2026-04-13T12:55:00Z
8
value 0.00422
scoring_system epss
scoring_elements 0.61959
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-8628
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8628
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8628
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8628
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8628
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:P/I:P/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/advisories/GHSA-jg4f-jqm5-4mgq
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
2
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-jg4f-jqm5-4mgq
7
reference_url https://github.com/ansible/ansible
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible
8
reference_url https://github.com/ansible/ansible/commit/35938b907dfcd1106ca40b794f0db446bdb8cf09
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/commit/35938b907dfcd1106ca40b794f0db446bdb8cf09
9
reference_url https://github.com/ansible/ansible/issues/41903
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/ansible/ansible/issues/41903
10
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2018-38.yaml
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2018-38.yaml
11
reference_url https://web.archive.org/web/20200227214455/http://www.securityfocus.com/bid/94109
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227214455/http://www.securityfocus.com/bid/94109
12
reference_url http://www.securityfocus.com/bid/94109
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/94109
13
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1388113
reference_id 1388113
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1388113
14
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842985
reference_id 842985
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=842985
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-8628
reference_id CVE-2016-8628
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value 9.4
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-8628
fixed_packages
aliases CVE-2016-8628, GHSA-jg4f-jqm5-4mgq, PYSEC-2018-38
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q4q1-aueh-sub2
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openshift-ansible@3.2.42-1.git.0.6b09be9%3Farch=el7