{"url":"http://public2.vulnerablecode.io/api/packages/116157?format=json","purl":"pkg:rpm/redhat/pcs@0.9.152-10?arch=el7","type":"rpm","namespace":"redhat","name":"pcs","version":"0.9.152-10","qualifiers":{"arch":"el7"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85329?format=json","vulnerability_id":"VCID-9253-hxxf-b3ds","summary":"pcs: Cross-Site Request Forgery in web UI","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178261.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178261.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178384.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178384.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2596.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2596.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0720.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0720.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0720","reference_id":"","reference_type":"","scores":[{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51541","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51463","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51389","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.5144","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51467","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51426","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.5148","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51478","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51521","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.515","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51487","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.5153","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51538","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51516","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.5147","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51476","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51437","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51381","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51431","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51475","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51435","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0720"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0720","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0720"},{"reference_url":"https://github.com/ClusterLabs/pcs/commit/b9e7f061788c3b86a0c67d2d4158f067ec5eb625","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ClusterLabs/pcs/commit/b9e7f061788c3b86a0c67d2d4158f067ec5eb625"},{"reference_url":"http://www.securityfocus.com/bid/97984","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/97984"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1299614","reference_id":"1299614","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1299614"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clusterlabs:pcs:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clusterlabs:pcs:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clusterlabs:pcs:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-0720","reference_id":"CVE-2016-0720","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-0720"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2596","reference_id":"RHSA-2016:2596","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2596"}],"fixed_packages":[],"aliases":["CVE-2016-0720"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9253-hxxf-b3ds"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85330?format=json","vulnerability_id":"VCID-p3c7-4pkf-1qg7","summary":"pcs: cookies are not invalidated upon logout","references":[{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178261.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178261.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178384.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178384.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2596.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2596.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0721.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0721.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0721","reference_id":"","reference_type":"","scores":[{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63587","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63535","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63333","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63393","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.6342","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63385","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63437","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63455","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63472","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63456","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63454","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63462","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63448","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63466","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63478","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63474","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63446","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.6349","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63544","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63508","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0721"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0721","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0721"},{"reference_url":"https://github.com/ClusterLabs/pcs/commit/acdbbe8307e6f4a36b2c7754765e732e43fe8d17","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ClusterLabs/pcs/commit/acdbbe8307e6f4a36b2c7754765e732e43fe8d17"},{"reference_url":"https://github.com/ClusterLabs/pcs/commit/bc6ad9086857559db57f4e3e6de66762291c0774","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ClusterLabs/pcs/commit/bc6ad9086857559db57f4e3e6de66762291c0774"},{"reference_url":"https://github.com/ClusterLabs/pcs/commit/e9b28833d54a47ec441f6dbad0db96e1fc662a5b","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ClusterLabs/pcs/commit/e9b28833d54a47ec441f6dbad0db96e1fc662a5b"},{"reference_url":"http://www.securityfocus.com/bid/97977","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/97977"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1299615","reference_id":"1299615","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1299615"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clusterlabs:pcs:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clusterlabs:pcs:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clusterlabs:pcs:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-0721","reference_id":"CVE-2016-0721","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"8.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-0721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2596","reference_id":"RHSA-2016:2596","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2596"}],"fixed_packages":[],"aliases":["CVE-2016-0721"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p3c7-4pkf-1qg7"}],"fixing_vulnerabilities":[],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/pcs@0.9.152-10%3Farch=el7"}