{"url":"http://public2.vulnerablecode.io/api/packages/114554?format=json","purl":"pkg:rpm/redhat/python27-python@2.7.8-18?arch=el6","type":"rpm","namespace":"redhat","name":"python27-python","version":"2.7.8-18","qualifiers":{"arch":"el6"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86043?format=json","vulnerability_id":"VCID-3mu8-g6x3-effb","summary":"python: http protocol steam injection attack","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5699.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5699.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5699","reference_id":"","reference_type":"","scores":[{"value":"0.35276","scoring_system":"epss","scoring_elements":"0.97014","published_at":"2026-04-01T12:55:00Z"},{"value":"0.35276","scoring_system":"epss","scoring_elements":"0.97021","published_at":"2026-04-02T12:55:00Z"},{"value":"0.35276","scoring_system":"epss","scoring_elements":"0.97025","published_at":"2026-04-07T12:55:00Z"},{"value":"0.35276","scoring_system":"epss","scoring_elements":"0.97035","published_at":"2026-04-08T12:55:00Z"},{"value":"0.35276","scoring_system":"epss","scoring_elements":"0.97036","published_at":"2026-04-09T12:55:00Z"},{"value":"0.35276","scoring_system":"epss","scoring_elements":"0.97039","published_at":"2026-04-12T12:55:00Z"},{"value":"0.35276","scoring_system":"epss","scoring_elements":"0.9704","published_at":"2026-04-13T12:55:00Z"},{"value":"0.35276","scoring_system":"epss","scoring_elements":"0.9705","published_at":"2026-04-16T12:55:00Z"},{"value":"0.35276","scoring_system":"epss","scoring_elements":"0.97054","published_at":"2026-04-18T12:55:00Z"},{"value":"0.35276","scoring_system":"epss","scoring_elements":"0.97059","published_at":"2026-04-21T12:55:00Z"},{"value":"0.35276","scoring_system":"epss","scoring_elements":"0.9706","published_at":"2026-04-24T12:55:00Z"},{"value":"0.35276","scoring_system":"epss","scoring_elements":"0.97063","published_at":"2026-04-26T12:55:00Z"},{"value":"0.35276","scoring_system":"epss","scoring_elements":"0.97064","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-5699"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5699","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5699"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1303699","reference_id":"1303699","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1303699"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1626","reference_id":"RHSA-2016:1626","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1626"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1627","reference_id":"RHSA-2016:1627","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1627"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1628","reference_id":"RHSA-2016:1628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1629","reference_id":"RHSA-2016:1629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1630","reference_id":"RHSA-2016:1630","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1630"},{"reference_url":"https://usn.ubuntu.com/3134-1/","reference_id":"USN-3134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3134-1/"}],"fixed_packages":[],"aliases":["CVE-2016-5699"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3mu8-g6x3-effb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51185?format=json","vulnerability_id":"VCID-hgwh-tzsf-suc1","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which could lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0772.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0772.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0772","reference_id":"","reference_type":"","scores":[{"value":"0.05778","scoring_system":"epss","scoring_elements":"0.90443","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05778","scoring_system":"epss","scoring_elements":"0.90447","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05778","scoring_system":"epss","scoring_elements":"0.90459","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05778","scoring_system":"epss","scoring_elements":"0.90464","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05778","scoring_system":"epss","scoring_elements":"0.90476","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05778","scoring_system":"epss","scoring_elements":"0.90482","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05778","scoring_system":"epss","scoring_elements":"0.9049","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05778","scoring_system":"epss","scoring_elements":"0.90483","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05778","scoring_system":"epss","scoring_elements":"0.905","published_at":"2026-04-18T12:55:00Z"},{"value":"0.05778","scoring_system":"epss","scoring_elements":"0.90499","published_at":"2026-04-21T12:55:00Z"},{"value":"0.05778","scoring_system":"epss","scoring_elements":"0.90512","published_at":"2026-04-24T12:55:00Z"},{"value":"0.05778","scoring_system":"epss","scoring_elements":"0.90511","published_at":"2026-04-26T12:55:00Z"},{"value":"0.05778","scoring_system":"epss","scoring_elements":"0.90509","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0772"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0772","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0772"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1303647","reference_id":"1303647","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1303647"},{"reference_url":"https://github.com/tintinweb/pub/tree/11f6ebda59ad878377df78351f8ab580660d0024/pocs/cve-2016-0772","reference_id":"CVE-2016-0772","reference_type":"exploit","scores":[],"url":"https://github.com/tintinweb/pub/tree/11f6ebda59ad878377df78351f8ab580660d0024/pocs/cve-2016-0772"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/43500.txt","reference_id":"CVE-2016-0772","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/local/43500.txt"},{"reference_url":"https://security.gentoo.org/glsa/201701-18","reference_id":"GLSA-201701-18","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201701-18"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1626","reference_id":"RHSA-2016:1626","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1626"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1627","reference_id":"RHSA-2016:1627","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1627"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1628","reference_id":"RHSA-2016:1628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1629","reference_id":"RHSA-2016:1629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1630","reference_id":"RHSA-2016:1630","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1630"},{"reference_url":"https://usn.ubuntu.com/3134-1/","reference_id":"USN-3134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3134-1/"}],"fixed_packages":[],"aliases":["CVE-2016-0772"],"risk_score":8.6,"exploitability":"2.0","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hgwh-tzsf-suc1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85004?format=json","vulnerability_id":"VCID-ugfy-dufq-hfb2","summary":"CGIHandler: sets environmental variable based on user supplied Proxy request header","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000110.json","reference_id":"","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1000110.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1000110","reference_id":"","reference_type":"","scores":[{"value":"0.05904","scoring_system":"epss","scoring_elements":"0.90627","published_at":"2026-04-29T12:55:00Z"},{"value":"0.05904","scoring_system":"epss","scoring_elements":"0.90614","published_at":"2026-04-21T12:55:00Z"},{"value":"0.05904","scoring_system":"epss","scoring_elements":"0.9063","published_at":"2026-04-24T12:55:00Z"},{"value":"0.05904","scoring_system":"epss","scoring_elements":"0.90632","published_at":"2026-04-26T12:55:00Z"},{"value":"0.05904","scoring_system":"epss","scoring_elements":"0.90572","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05904","scoring_system":"epss","scoring_elements":"0.9058","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05904","scoring_system":"epss","scoring_elements":"0.90591","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05904","scoring_system":"epss","scoring_elements":"0.90598","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05904","scoring_system":"epss","scoring_elements":"0.90607","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05904","scoring_system":"epss","scoring_elements":"0.90601","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05904","scoring_system":"epss","scoring_elements":"0.9062","published_at":"2026-04-16T12:55:00Z"},{"value":"0.05904","scoring_system":"epss","scoring_elements":"0.90617","published_at":"2026-04-18T12:55:00Z"},{"value":"0.09899","scoring_system":"epss","scoring_elements":"0.92986","published_at":"2026-04-02T12:55:00Z"},{"value":"0.09899","scoring_system":"epss","scoring_elements":"0.92978","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-1000110"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000110","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000110"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:P/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1357334","reference_id":"1357334","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1357334"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1626","reference_id":"RHSA-2016:1626","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1626"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1627","reference_id":"RHSA-2016:1627","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1627"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1628","reference_id":"RHSA-2016:1628","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1628"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1629","reference_id":"RHSA-2016:1629","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:1630","reference_id":"RHSA-2016:1630","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:1630"},{"reference_url":"https://usn.ubuntu.com/3134-1/","reference_id":"USN-3134-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3134-1/"}],"fixed_packages":[],"aliases":["CVE-2016-1000110"],"risk_score":2.2,"exploitability":"0.5","weighted_severity":"4.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ugfy-dufq-hfb2"}],"fixing_vulnerabilities":[],"risk_score":"8.6","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python27-python@2.7.8-18%3Farch=el6"}