{"url":"http://public2.vulnerablecode.io/api/packages/117889?format=json","purl":"pkg:rpm/redhat/apache-mime4j@0.6-4_redhat_1.ep6.el6?arch=1","type":"rpm","namespace":"redhat","name":"apache-mime4j","version":"0.6-4_redhat_1.ep6.el6","qualifiers":{"arch":"1"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85737?format=json","vulnerability_id":"VCID-1yu9-avtx-cybv","summary":"foreman: API not scoping resources to taxonomies","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1844.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1844.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1844","reference_id":"","reference_type":"","scores":[{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49444","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49473","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49499","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49452","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49507","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49503","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.4952","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49491","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49494","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49541","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49539","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.4951","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.495","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49466","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49383","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49442","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49471","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1844"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1207589","reference_id":"1207589","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1207589"}],"fixed_packages":[],"aliases":["CVE-2015-1844"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1yu9-avtx-cybv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86861?format=json","vulnerability_id":"VCID-67r2-k4bt-yqcr","summary":"Katello: /etc/katello/secure/passphrase is world readable","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0544.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-0544.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0547.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-0547.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5561.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5561.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5561","reference_id":"","reference_type":"","scores":[{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28713","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.2918","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29256","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29306","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29119","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29184","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29224","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29229","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29183","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29131","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29157","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29134","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.29086","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28965","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28854","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28783","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28635","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28694","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5561"},{"reference_url":"https://github.com/Katello/katello/pull/1349","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/Katello/katello/pull/1349"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=879094","reference_id":"879094","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=879094"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:katello:katello:1.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:katello:katello:1.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:katello:katello:1.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5561","reference_id":"CVE-2012-5561","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:N/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5561"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0547","reference_id":"RHSA-2013:0547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0547"}],"fixed_packages":[],"aliases":["CVE-2012-5561"],"risk_score":0.9,"exploitability":"0.5","weighted_severity":"1.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-67r2-k4bt-yqcr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85693?format=json","vulnerability_id":"VCID-7f1h-1fw8-k7c4","summary":"foreman: the _session_id cookie is issued without the Secure flag","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3155.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3155.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3155","reference_id":"","reference_type":"","scores":[{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68193","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68214","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68233","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68209","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68259","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68275","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.683","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68288","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68254","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68294","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68305","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68285","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68327","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68336","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68341","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68318","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68362","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0056","scoring_system":"epss","scoring_elements":"0.68397","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3155"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1216035","reference_id":"1216035","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1216035"}],"fixed_packages":[],"aliases":["CVE-2015-3155"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7f1h-1fw8-k7c4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86129?format=json","vulnerability_id":"VCID-8wen-twwa-8khm","summary":"foreman: cross-site scripting (XSS) flaw in template preview screen","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3653.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3653.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3653","reference_id":"","reference_type":"","scores":[{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.59891","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.59968","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.59993","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.59963","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.60013","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.60026","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.60047","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.60032","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.60014","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.60054","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.60061","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.60046","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.60016","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.60034","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.60022","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.59983","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.60029","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.60087","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3653"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1145398","reference_id":"1145398","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1145398"}],"fixed_packages":[],"aliases":["CVE-2014-3653"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8wen-twwa-8khm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6786?format=json","vulnerability_id":"VCID-91xe-ev7t-akb9","summary":"Uncontrolled Resource Consumption\nlib/rack/multipart.rb in Rack  uses an incorrect regular expression, which allows remote attackers to cause a denial of service (infinite loop) via a crafted Content-Disposion header.","references":[{"reference_url":"http://rack.github.com/","reference_id":"","reference_type":"","scores":[],"url":"http://rack.github.com/"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0544.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-0544.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0548.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-0548.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0544","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2013:0544"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6109.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6109.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2012-6109","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2012-6109"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-6109","reference_id":"","reference_type":"","scores":[{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74634","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74503","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74524","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74506","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74497","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74535","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74542","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.7457","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74577","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74576","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74578","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74608","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.7445","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74454","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.7448","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74455","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74487","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-6109"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=895277","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=895277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6109","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6109"},{"reference_url":"https://github.com/rack/rack","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack"},{"reference_url":"https://github.com/rack/rack/blob/master/README.rdoc","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack/blob/master/README.rdoc"},{"reference_url":"https://github.com/rack/rack/commit/c9f65df37a151821eb88ddd1dc404b83e52c52d5","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack/commit/c9f65df37a151821eb88ddd1dc404b83e52c52d5"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2012-6109.yml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2012-6109.yml"},{"reference_url":"https://groups.google.com/forum/#%21msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#%21msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ"},{"reference_url":"https://groups.google.com/forum/#!msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ"},{"reference_url":"https://rhn.redhat.com/errata/RHSA-2013-0544.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rhn.redhat.com/errata/RHSA-2013-0544.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440","reference_id":"698440","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:0.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.9.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:0.9.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:0.9.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-6109","reference_id":"CVE-2012-6109","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-6109"},{"reference_url":"https://github.com/advisories/GHSA-h77x-m5q8-c29h","reference_id":"GHSA-h77x-m5q8-c29h","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h77x-m5q8-c29h"},{"reference_url":"https://security.gentoo.org/glsa/201405-10","reference_id":"GLSA-201405-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-10"}],"fixed_packages":[],"aliases":["CVE-2012-6109","GHSA-h77x-m5q8-c29h","OSV-89317"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-91xe-ev7t-akb9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6788?format=json","vulnerability_id":"VCID-9uh8-upzm-7bgd","summary":"Uncontrolled Resource Consumption\nUnspecified vulnerability in Rack::Auth::AbstractRequest in Rack  allows remote attackers to cause a denial of service via unknown vectors related to \"symbolized arbitrary strings.\"","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0544.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0544.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0548.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0548.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0544","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2013:0544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0548","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2013:0548"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0184.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0184.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2013-0184","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2013-0184"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0184","reference_id":"","reference_type":"","scores":[{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71649","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71552","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.7153","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71581","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71589","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71593","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71579","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71614","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71463","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.7147","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71487","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.7146","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.715","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71512","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71535","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71519","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71501","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71547","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0184"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=895384","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=895384"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0184","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0184"},{"reference_url":"https://github.com/rack/rack","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack"},{"reference_url":"https://github.com/rack/rack/commit/1f61549529d07abd4aa512b8320ab0e97dcacc5d","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack/commit/1f61549529d07abd4aa512b8320ab0e97dcacc5d"},{"reference_url":"http://www.debian.org/security/2013/dsa-2783","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2013/dsa-2783"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440","reference_id":"698440","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.1.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.1.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0184","reference_id":"CVE-2013-0184","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:N/A:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0184"},{"reference_url":"https://github.com/advisories/GHSA-v882-ccj6-jc48","reference_id":"GHSA-v882-ccj6-jc48","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-v882-ccj6-jc48"},{"reference_url":"https://security.gentoo.org/glsa/201405-10","reference_id":"GLSA-201405-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-10"}],"fixed_packages":[],"aliases":["CVE-2013-0184","GHSA-v882-ccj6-jc48","OSV-89327"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9uh8-upzm-7bgd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85795?format=json","vulnerability_id":"VCID-rc65-py17-kuhm","summary":"foreman: lack of SSL certificate validation when performing LDAPS authentication","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1816.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1816.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1816","reference_id":"","reference_type":"","scores":[{"value":"0.00217","scoring_system":"epss","scoring_elements":"0.44212","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00217","scoring_system":"epss","scoring_elements":"0.44279","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00217","scoring_system":"epss","scoring_elements":"0.44302","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00217","scoring_system":"epss","scoring_elements":"0.44235","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00217","scoring_system":"epss","scoring_elements":"0.44287","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00217","scoring_system":"epss","scoring_elements":"0.44292","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00217","scoring_system":"epss","scoring_elements":"0.44309","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00217","scoring_system":"epss","scoring_elements":"0.44277","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00217","scoring_system":"epss","scoring_elements":"0.44335","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00217","scoring_system":"epss","scoring_elements":"0.44326","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00217","scoring_system":"epss","scoring_elements":"0.44254","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00217","scoring_system":"epss","scoring_elements":"0.44175","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00217","scoring_system":"epss","scoring_elements":"0.44178","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00217","scoring_system":"epss","scoring_elements":"0.44095","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00217","scoring_system":"epss","scoring_elements":"0.43973","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00217","scoring_system":"epss","scoring_elements":"0.4405","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00217","scoring_system":"epss","scoring_elements":"0.44067","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1816"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1208602","reference_id":"1208602","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1208602"}],"fixed_packages":[],"aliases":["CVE-2015-1816"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rc65-py17-kuhm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85617?format=json","vulnerability_id":"VCID-sqjb-qpyd-p7gn","summary":"foreman: edit_users permission allows changing of admin passwords","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3235.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3235.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3235","reference_id":"","reference_type":"","scores":[{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68522","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.6854","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68558","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68537","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68588","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68605","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68631","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68618","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68589","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68629","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68639","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68666","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68671","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68676","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68655","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68698","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0057","scoring_system":"epss","scoring_elements":"0.68735","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3235"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1232366","reference_id":"1232366","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1232366"}],"fixed_packages":[],"aliases":["CVE-2015-3235"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sqjb-qpyd-p7gn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5397?format=json","vulnerability_id":"VCID-tbug-mv5x-uucb","summary":"The Server.verify_request function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL.","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1591","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2015:1591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1592","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2015:1592"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4346.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4346.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2013-4346","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2013-4346"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4346","reference_id":"","reference_type":"","scores":[{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64626","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64544","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64597","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64672","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64661","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64625","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64653","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64665","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64648","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64632","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00472","scoring_system":"epss","scoring_elements":"0.64584","published_at":"2026-04-07T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.66081","published_at":"2026-05-09T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.65986","published_at":"2026-04-21T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.66006","published_at":"2026-04-24T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.66018","published_at":"2026-04-26T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.66015","published_at":"2026-04-29T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.65992","published_at":"2026-05-05T12:55:00Z"},{"value":"0.005","scoring_system":"epss","scoring_elements":"0.66038","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4346"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1007746","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1007746"},{"reference_url":"https://github.com/joestump/python-oauth2","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/joestump/python-oauth2"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/oauth2/PYSEC-2014-85.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/oauth2/PYSEC-2014-85.yaml"},{"reference_url":"https://github.com/simplegeo/python-oauth2/issues/129","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/simplegeo/python-oauth2/issues/129"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4346","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4346"},{"reference_url":"https://web.archive.org/web/20200228063302/http://www.securityfocus.com/bid/62386","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200228063302/http://www.securityfocus.com/bid/62386"},{"reference_url":"http://www.openwall.com/lists/oss-security/2013/09/12/7","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2013/09/12/7"},{"reference_url":"http://www.securityfocus.com/bid/62386","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/62386"},{"reference_url":"https://github.com/advisories/GHSA-4433-4cxq-vv73","reference_id":"GHSA-4433-4cxq-vv73","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-4433-4cxq-vv73"}],"fixed_packages":[],"aliases":["CVE-2013-4346","GHSA-4433-4cxq-vv73","PYSEC-2014-85"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-tbug-mv5x-uucb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6789?format=json","vulnerability_id":"VCID-teq8-nqhf-xbbq","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nmultipart/parser.rb in Rack allows remote attackers to cause a denial of service (memory consumption and out-of-memory error) via a long string in a Multipart HTTP packet.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html"},{"reference_url":"http://rack.github.com","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rack.github.com"},{"reference_url":"http://rack.github.com/","reference_id":"","reference_type":"","scores":[],"url":"http://rack.github.com/"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0544.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0544.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0548.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0548.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0544","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2013:0544"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0183.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0183.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2013-0183","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2013-0183"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0183","reference_id":"","reference_type":"","scores":[{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.8302","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82868","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82874","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.8289","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82885","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82881","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.8292","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82921","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82924","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82944","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82954","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82958","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82979","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82999","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82816","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82833","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82846","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.82842","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0183"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=895282","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=895282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0183","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0183"},{"reference_url":"https://github.com/rack/rack","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack"},{"reference_url":"https://github.com/rack/rack/commit/548b9af2dc0059f4c0c19728624448d84de450ff","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack/commit/548b9af2dc0059f4c0c19728624448d84de450ff"},{"reference_url":"https://github.com/rack/rack/commit/f95113402b7239f225282806673e1b6424522b18","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack/commit/f95113402b7239f225282806673e1b6424522b18"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2013-0183.yml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2013-0183.yml"},{"reference_url":"https://groups.google.com/forum/#%21topic/rack-devel/7ZKPNAjgRSs","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#%21topic/rack-devel/7ZKPNAjgRSs"},{"reference_url":"https://groups.google.com/forum/#%21topic/rack-devel/-MWPHDeGWtI","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#%21topic/rack-devel/-MWPHDeGWtI"},{"reference_url":"https://groups.google.com/forum/#!topic/rack-devel/7ZKPNAjgRSs","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!topic/rack-devel/7ZKPNAjgRSs"},{"reference_url":"https://groups.google.com/forum/#!topic/rack-devel/-MWPHDeGWtI","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!topic/rack-devel/-MWPHDeGWtI"},{"reference_url":"http://www.debian.org/security/2013/dsa-2783","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2013/dsa-2783"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440","reference_id":"698440","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0183","reference_id":"CVE-2013-0183","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0183"},{"reference_url":"https://github.com/advisories/GHSA-3pxh-h8hw-mj8w","reference_id":"GHSA-3pxh-h8hw-mj8w","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3pxh-h8hw-mj8w"},{"reference_url":"https://security.gentoo.org/glsa/201405-10","reference_id":"GLSA-201405-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-10"}],"fixed_packages":[],"aliases":["CVE-2013-0183","GHSA-3pxh-h8hw-mj8w","OSV-89320"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-teq8-nqhf-xbbq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86174?format=json","vulnerability_id":"VCID-utxw-251d-gfff","summary":"rhn_satellite_6: cross-site request forgery (CSRF) can force logout","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3590.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3590.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3590","reference_id":"","reference_type":"","scores":[{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47402","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47436","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47457","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47407","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47461","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47458","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47481","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47456","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47462","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47522","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47514","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47467","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47453","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47409","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.47326","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.4739","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00242","scoring_system":"epss","scoring_elements":"0.4741","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-3590"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1128108","reference_id":"1128108","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1128108"}],"fixed_packages":[],"aliases":["CVE-2014-3590"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-utxw-251d-gfff"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6787?format=json","vulnerability_id":"VCID-vspr-h3ds-dudq","summary":"Incorrect temporary file usage\nThe ruby_parser Gem does not create temporary files securely. In the `diff_pp` function contained in `lib/gauntlet_rubyparser.rb` function, it creates files as `/tmp/a.[pid]` and `/tmp/b.[pid]` which can be predicted and used for either a denial of service (file cannot be overwritten), or to change the contents of files that are writable.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0544.html","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0544.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0548.html","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0548.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0544","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2013:0544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0582","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2013:0582"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0162.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0162.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2013-0162","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2013-0162"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0162","reference_id":"","reference_type":"","scores":[{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35015","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35439","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35427","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35374","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35139","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35118","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35029","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.34907","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.34979","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35279","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35478","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35503","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35386","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35432","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35457","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35465","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35423","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35399","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0162"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=892806","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=892806"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby_parser/CVE-2013-0162.yml","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby_parser/CVE-2013-0162.yml"},{"reference_url":"https://github.com/seattlerb/ruby_parser","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/seattlerb/ruby_parser"},{"reference_url":"https://github.com/seattlerb/ruby_parser/commit/506c7e13cff6f8715385fa8488b621028b4ad280","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/seattlerb/ruby_parser/commit/506c7e13cff6f8715385fa8488b621028b4ad280"},{"reference_url":"https://github.com/seattlerb/ruby_parser/commit/c35acd878d50a8e4ea35933e3fbdc493421d422c","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/seattlerb/ruby_parser/commit/c35acd878d50a8e4ea35933e3fbdc493421d422c"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0162","reference_id":"","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:P/A:N"},{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0162"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:1.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:1.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:1.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:2.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:2.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:2.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:2.0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:2.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.0.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:2.0.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.0.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.0.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:2.0.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.0.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:2.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:2.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:2.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:2.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:2.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:3.0.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.0.a9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:3.0.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:3.0.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:3.0.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:3.0.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.0.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:ryan_davis:ruby_parser:3.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ryan_davis:ruby_parser:3.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/advisories/GHSA-8mvw-22r7-w6fq","reference_id":"GHSA-8mvw-22r7-w6fq","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8mvw-22r7-w6fq"}],"fixed_packages":[],"aliases":["CVE-2013-0162","GHSA-8mvw-22r7-w6fq","OSV-90561"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vspr-h3ds-dudq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86887?format=json","vulnerability_id":"VCID-y93x-twrw-bfbf","summary":"Katello: lack of authorization in proxies_controller.rb","references":[{"reference_url":"http://osvdb.org/88140","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/88140"},{"reference_url":"http://osvdb.org/88142","reference_id":"","reference_type":"","scores":[],"url":"http://osvdb.org/88142"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2012-1543.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2012-1543.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0544.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-0544.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5603.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5603.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5603","reference_id":"","reference_type":"","scores":[{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48573","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48555","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48596","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.4862","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48572","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48626","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48621","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48639","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48612","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48625","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48674","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.4867","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.4861","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48571","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48486","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48548","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5603"},{"reference_url":"http://secunia.com/advisories/51472","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/51472"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/80549","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/80549"},{"reference_url":"http://www.securityfocus.com/bid/56819","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/56819"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=882129","reference_id":"882129","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=882129"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:redhat:cloudforms:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:cloudforms:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5603","reference_id":"CVE-2012-5603","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:P/I:P/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-5603"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1543","reference_id":"RHSA-2012:1543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1543"}],"fixed_packages":[],"aliases":["CVE-2012-5603"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y93x-twrw-bfbf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5398?format=json","vulnerability_id":"VCID-zkgb-14kz-33dz","summary":"The (1) make_nonce, (2) generate_nonce, and (3) generate_verifier functions in SimpleGeo python-oauth2 uses weak random numbers to generate nonces, which makes it easier for remote attackers to guess the nonce via a brute force attack.","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1591","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2015:1591"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1592","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2015:1592"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4347.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4347.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2013-4347","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2013-4347"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4347","reference_id":"","reference_type":"","scores":[{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61276","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61445","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61441","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61402","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61421","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61436","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61415","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.614","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61353","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61383","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61355","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00432","scoring_system":"epss","scoring_elements":"0.62754","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00432","scoring_system":"epss","scoring_elements":"0.62677","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00432","scoring_system":"epss","scoring_elements":"0.6269","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00432","scoring_system":"epss","scoring_elements":"0.62706","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00432","scoring_system":"epss","scoring_elements":"0.62704","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00432","scoring_system":"epss","scoring_elements":"0.62654","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00432","scoring_system":"epss","scoring_elements":"0.62702","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-4347"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1007758","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1007758"},{"reference_url":"https://github.com/joestump/python-oauth2","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/joestump/python-oauth2"},{"reference_url":"https://github.com/joestump/python-oauth2/commit/82dd2cdd4954cd7b8983d5d64c0dfd9072bf4650","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/joestump/python-oauth2/commit/82dd2cdd4954cd7b8983d5d64c0dfd9072bf4650"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/oauth2/PYSEC-2014-86.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/oauth2/PYSEC-2014-86.yaml"},{"reference_url":"https://github.com/simplegeo/python-oauth2/issues/9","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/simplegeo/python-oauth2/issues/9"},{"reference_url":"https://github.com/simplegeo/python-oauth2/pull/146","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/simplegeo/python-oauth2/pull/146"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4347","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-4347"},{"reference_url":"http://www.openwall.com/lists/oss-security/2013/09/12/7","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2013/09/12/7"},{"reference_url":"http://www.securityfocus.com/bid/62388","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"},{"value":"6.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/62388"},{"reference_url":"https://github.com/advisories/GHSA-rv8h-p43r-4x5r","reference_id":"GHSA-rv8h-p43r-4x5r","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rv8h-p43r-4x5r"}],"fixed_packages":[],"aliases":["CVE-2013-4347","GHSA-rv8h-p43r-4x5r","PYSEC-2014-86"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zkgb-14kz-33dz"}],"fixing_vulnerabilities":[],"risk_score":"4.0","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/apache-mime4j@0.6-4_redhat_1.ep6.el6%3Farch=1"}