{"url":"http://public2.vulnerablecode.io/api/packages/122111?format=json","purl":"pkg:deb/debian/pcs@0.12.2-2?distro=trixie","type":"deb","namespace":"debian","name":"pcs","version":"0.12.2-2","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97662?format=json","vulnerability_id":"VCID-53d7-3b54-z3hq","summary":"A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have been denied access could still login.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1049.json","reference_id":"","reference_type":"","scores":[{"value":"6.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1049.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1049","reference_id":"","reference_type":"","scores":[{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.51032","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.51093","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.51099","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.51077","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.51047","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00274","scoring_system":"epss","scoring_elements":"0.51066","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-1049"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1049"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2735"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2066629","reference_id":"2066629","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2066629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7447","reference_id":"RHSA-2022:7447","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7447"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7935","reference_id":"RHSA-2022:7935","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7935"},{"reference_url":"https://usn.ubuntu.com/7614-1/","reference_id":"USN-7614-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7614-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/122110?format=json","purl":"pkg:deb/debian/pcs@0.10.8-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.10.8-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122116?format=json","purl":"pkg:deb/debian/pcs@0.11.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.11.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122108?format=json","purl":"pkg:deb/debian/pcs@0.11.5-1%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.11.5-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122112?format=json","purl":"pkg:deb/debian/pcs@0.12.0.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.12.0.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122111?format=json","purl":"pkg:deb/debian/pcs@0.12.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.12.2-2%3Fdistro=trixie"}],"aliases":["CVE-2022-1049"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-53d7-3b54-z3hq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97658?format=json","vulnerability_id":"VCID-8xkw-kj62-mqes","summary":"Session fixation vulnerability in pcsd in pcs before 0.9.157.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0721.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0721.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0721","reference_id":"","reference_type":"","scores":[{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63745","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63786","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63794","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63774","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00445","scoring_system":"epss","scoring_elements":"0.63793","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0721"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0721","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0721"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1299615","reference_id":"1299615","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1299615"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2596","reference_id":"RHSA-2016:2596","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2596"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/122113?format=json","purl":"pkg:deb/debian/pcs@0.9.149-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.9.149-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122110?format=json","purl":"pkg:deb/debian/pcs@0.10.8-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.10.8-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122108?format=json","purl":"pkg:deb/debian/pcs@0.11.5-1%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.11.5-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122112?format=json","purl":"pkg:deb/debian/pcs@0.12.0.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.12.0.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122111?format=json","purl":"pkg:deb/debian/pcs@0.12.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.12.2-2%3Fdistro=trixie"}],"aliases":["CVE-2016-0721"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8xkw-kj62-mqes"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97663?format=json","vulnerability_id":"VCID-bs45-hyqr-ckgj","summary":"A vulnerability was found in the PCS project. This issue occurs due to incorrect permissions on a Unix socket used for internal communication between PCS daemons. A privilege escalation could happen by obtaining an authentication token for a hacluster user. With the \"hacluster\" token, this flaw allows an attacker to have complete control over the cluster managed by PCS.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2735.json","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2735.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2735","reference_id":"","reference_type":"","scores":[{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16425","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16507","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16504","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16462","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16382","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00051","scoring_system":"epss","scoring_elements":"0.16398","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2735"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1049","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1049"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2735","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2735"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018930","reference_id":"1018930","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018930"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2116815","reference_id":"2116815","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2116815"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6312","reference_id":"RHSA-2022:6312","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6312"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6313","reference_id":"RHSA-2022:6313","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6313"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6314","reference_id":"RHSA-2022:6314","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6314"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:6341","reference_id":"RHSA-2022:6341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:6341"},{"reference_url":"https://usn.ubuntu.com/7614-1/","reference_id":"USN-7614-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7614-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/122110?format=json","purl":"pkg:deb/debian/pcs@0.10.8-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.10.8-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122117?format=json","purl":"pkg:deb/debian/pcs@0.11.3-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.11.3-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122108?format=json","purl":"pkg:deb/debian/pcs@0.11.5-1%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.11.5-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122112?format=json","purl":"pkg:deb/debian/pcs@0.12.0.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.12.0.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122111?format=json","purl":"pkg:deb/debian/pcs@0.12.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.12.2-2%3Fdistro=trixie"}],"aliases":["CVE-2022-2735"],"risk_score":3.8,"exploitability":"0.5","weighted_severity":"7.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bs45-hyqr-ckgj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97654?format=json","vulnerability_id":"VCID-eg8u-ckqd-jbg6","summary":"The pcs daemon (pcsd) in PCS 0.9.137 and earlier does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.  NOTE: this issue was SPLIT from CVE-2015-1848 per ADT2 due to different vulnerability types.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3983.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3983.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3983","reference_id":"","reference_type":"","scores":[{"value":"0.006","scoring_system":"epss","scoring_elements":"0.69833","published_at":"2026-06-04T12:55:00Z"},{"value":"0.006","scoring_system":"epss","scoring_elements":"0.69873","published_at":"2026-06-05T12:55:00Z"},{"value":"0.006","scoring_system":"epss","scoring_elements":"0.69881","published_at":"2026-06-06T12:55:00Z"},{"value":"0.006","scoring_system":"epss","scoring_elements":"0.69871","published_at":"2026-06-07T12:55:00Z"},{"value":"0.006","scoring_system":"epss","scoring_elements":"0.6986","published_at":"2026-06-08T12:55:00Z"},{"value":"0.006","scoring_system":"epss","scoring_elements":"0.69883","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-3983"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1208294","reference_id":"1208294","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1208294"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0980","reference_id":"RHSA-2015:0980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0990","reference_id":"RHSA-2015:0990","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0990"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/122109?format=json","purl":"pkg:deb/debian/pcs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122110?format=json","purl":"pkg:deb/debian/pcs@0.10.8-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.10.8-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122108?format=json","purl":"pkg:deb/debian/pcs@0.11.5-1%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.11.5-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122112?format=json","purl":"pkg:deb/debian/pcs@0.12.0.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.12.0.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122111?format=json","purl":"pkg:deb/debian/pcs@0.12.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.12.2-2%3Fdistro=trixie"}],"aliases":["CVE-2015-3983"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eg8u-ckqd-jbg6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97657?format=json","vulnerability_id":"VCID-fwrc-r6qh-47ey","summary":"Cross-site request forgery (CSRF) vulnerability in pcsd web UI in pcs before 0.9.149.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0720.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0720.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0720","reference_id":"","reference_type":"","scores":[{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.5172","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.5178","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51789","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51768","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51735","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00281","scoring_system":"epss","scoring_elements":"0.51754","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-0720"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0720","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0720"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1299614","reference_id":"1299614","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1299614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2596","reference_id":"RHSA-2016:2596","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2596"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/122113?format=json","purl":"pkg:deb/debian/pcs@0.9.149-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.9.149-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122110?format=json","purl":"pkg:deb/debian/pcs@0.10.8-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.10.8-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122108?format=json","purl":"pkg:deb/debian/pcs@0.11.5-1%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.11.5-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122112?format=json","purl":"pkg:deb/debian/pcs@0.12.0.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.12.0.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122111?format=json","purl":"pkg:deb/debian/pcs@0.12.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.12.2-2%3Fdistro=trixie"}],"aliases":["CVE-2016-0720"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fwrc-r6qh-47ey"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97660?format=json","vulnerability_id":"VCID-pspk-kmvm-5yhz","summary":"pcs before version 0.9.164 and 0.10 is vulnerable to a privilege escalation via authorized user malicious REST call. The REST interface of the pcsd service did not properly sanitize the file name from the /remote/put_file query. If the /etc/booth directory exists, an authenticated attacker with write permissions could create or overwrite arbitrary files with arbitrary data outside of the /etc/booth directory, in the context of the pcsd process.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1079.json","reference_id":"","reference_type":"","scores":[{"value":"8.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1079.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1079","reference_id":"","reference_type":"","scores":[{"value":"0.00408","scoring_system":"epss","scoring_elements":"0.61498","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00408","scoring_system":"epss","scoring_elements":"0.61546","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00408","scoring_system":"epss","scoring_elements":"0.61553","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00408","scoring_system":"epss","scoring_elements":"0.61542","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00408","scoring_system":"epss","scoring_elements":"0.61525","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00408","scoring_system":"epss","scoring_elements":"0.61545","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1079"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1079","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1079"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1550243","reference_id":"1550243","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1550243"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895314","reference_id":"895314","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895314"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/122115?format=json","purl":"pkg:deb/debian/pcs@0.9.164-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.9.164-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122110?format=json","purl":"pkg:deb/debian/pcs@0.10.8-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.10.8-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122108?format=json","purl":"pkg:deb/debian/pcs@0.11.5-1%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.11.5-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122112?format=json","purl":"pkg:deb/debian/pcs@0.12.0.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.12.0.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122111?format=json","purl":"pkg:deb/debian/pcs@0.12.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.12.2-2%3Fdistro=trixie"}],"aliases":["CVE-2018-1079"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pspk-kmvm-5yhz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97661?format=json","vulnerability_id":"VCID-rz5a-tv42-u7fy","summary":"pcs before versions 0.9.164 and 0.10 is vulnerable to a debug parameter removal bypass. REST interface of the pcsd service did not properly remove the pcs debug argument from the /run_pcs query, possibly disclosing sensitive information. A remote attacker with a valid token could use this flaw to elevate their privilege.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1086.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1086.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1086","reference_id":"","reference_type":"","scores":[{"value":"0.002","scoring_system":"epss","scoring_elements":"0.41984","published_at":"2026-06-04T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42059","published_at":"2026-06-05T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42069","published_at":"2026-06-06T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42041","published_at":"2026-06-07T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42007","published_at":"2026-06-08T12:55:00Z"},{"value":"0.002","scoring_system":"epss","scoring_elements":"0.42015","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-1086"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1086","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1086"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1557366","reference_id":"1557366","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1557366"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895313","reference_id":"895313","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895313"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1927","reference_id":"RHSA-2018:1927","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:1927"},{"reference_url":"https://usn.ubuntu.com/7614-1/","reference_id":"USN-7614-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7614-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/122115?format=json","purl":"pkg:deb/debian/pcs@0.9.164-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.9.164-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122110?format=json","purl":"pkg:deb/debian/pcs@0.10.8-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.10.8-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122108?format=json","purl":"pkg:deb/debian/pcs@0.11.5-1%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.11.5-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122112?format=json","purl":"pkg:deb/debian/pcs@0.12.0.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.12.0.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122111?format=json","purl":"pkg:deb/debian/pcs@0.12.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.12.2-2%3Fdistro=trixie"}],"aliases":["CVE-2018-1086"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rz5a-tv42-u7fy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97653?format=json","vulnerability_id":"VCID-sfht-9yej-subw","summary":"The pcs daemon (pcsd) in PCS 0.9.137 and earlier does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.  NOTE: this issue was SPLIT per ADT2 due to different vulnerability types. CVE-2015-3983 is for the issue with not setting the HTTPOnly flag.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1848.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1848.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1848","reference_id":"","reference_type":"","scores":[{"value":"0.0121","scoring_system":"epss","scoring_elements":"0.79313","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0121","scoring_system":"epss","scoring_elements":"0.79339","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0121","scoring_system":"epss","scoring_elements":"0.79345","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0121","scoring_system":"epss","scoring_elements":"0.79337","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0121","scoring_system":"epss","scoring_elements":"0.79327","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0121","scoring_system":"epss","scoring_elements":"0.79346","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1848"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1208294","reference_id":"1208294","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1208294"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0980","reference_id":"RHSA-2015:0980","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0980"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0990","reference_id":"RHSA-2015:0990","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0990"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/122109?format=json","purl":"pkg:deb/debian/pcs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122110?format=json","purl":"pkg:deb/debian/pcs@0.10.8-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.10.8-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122108?format=json","purl":"pkg:deb/debian/pcs@0.11.5-1%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.11.5-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122112?format=json","purl":"pkg:deb/debian/pcs@0.12.0.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.12.0.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122111?format=json","purl":"pkg:deb/debian/pcs@0.12.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.12.2-2%3Fdistro=trixie"}],"aliases":["CVE-2015-1848"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sfht-9yej-subw"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97655?format=json","vulnerability_id":"VCID-ukt7-nbfw-xbfr","summary":"Race condition in pcsd in PCS 0.9.139 and earlier uses a global variable to validate usernames, which allows remote authenticated users to gain privileges by sending a command that is checked for security after another user is authenticated.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5189.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5189.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5189","reference_id":"","reference_type":"","scores":[{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32364","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32435","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32404","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32365","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32336","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00133","scoring_system":"epss","scoring_elements":"0.32358","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5189"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1252805","reference_id":"1252805","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1252805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1700","reference_id":"RHSA-2015:1700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1700"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/122109?format=json","purl":"pkg:deb/debian/pcs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122110?format=json","purl":"pkg:deb/debian/pcs@0.10.8-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.10.8-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122108?format=json","purl":"pkg:deb/debian/pcs@0.11.5-1%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.11.5-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122112?format=json","purl":"pkg:deb/debian/pcs@0.12.0.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.12.0.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122111?format=json","purl":"pkg:deb/debian/pcs@0.12.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.12.2-2%3Fdistro=trixie"}],"aliases":["CVE-2015-5189"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ukt7-nbfw-xbfr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97659?format=json","vulnerability_id":"VCID-y1qe-65g3-2ke4","summary":"ClusterLabs pcs before version 0.9.157 is vulnerable to a cross-site scripting vulnerability due to improper validation of Node name field when creating new cluster or adding existing cluster.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2661.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-2661.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-2661","reference_id":"","reference_type":"","scores":[{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42874","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42949","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42959","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42937","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.429","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00206","scoring_system":"epss","scoring_elements":"0.42911","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-2661"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2661","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2661"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1428948","reference_id":"1428948","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1428948"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858379","reference_id":"858379","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858379"},{"reference_url":"https://usn.ubuntu.com/7614-1/","reference_id":"USN-7614-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7614-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/122114?format=json","purl":"pkg:deb/debian/pcs@0.9.155%2Bdfsg-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.9.155%252Bdfsg-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122110?format=json","purl":"pkg:deb/debian/pcs@0.10.8-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.10.8-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122108?format=json","purl":"pkg:deb/debian/pcs@0.11.5-1%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.11.5-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122112?format=json","purl":"pkg:deb/debian/pcs@0.12.0.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.12.0.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122111?format=json","purl":"pkg:deb/debian/pcs@0.12.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.12.2-2%3Fdistro=trixie"}],"aliases":["CVE-2017-2661"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y1qe-65g3-2ke4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97656?format=json","vulnerability_id":"VCID-zyr5-zh8e-6bfu","summary":"The pcsd web UI in PCS 0.9.139 and earlier allows remote authenticated users to execute arbitrary commands via \"escape characters\" in a URL.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5190.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5190.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5190","reference_id":"","reference_type":"","scores":[{"value":"0.00629","scoring_system":"epss","scoring_elements":"0.70643","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00629","scoring_system":"epss","scoring_elements":"0.70685","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00629","scoring_system":"epss","scoring_elements":"0.70693","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00629","scoring_system":"epss","scoring_elements":"0.70676","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00629","scoring_system":"epss","scoring_elements":"0.70664","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00629","scoring_system":"epss","scoring_elements":"0.70686","published_at":"2026-06-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-5190"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1252813","reference_id":"1252813","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1252813"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1700","reference_id":"RHSA-2015:1700","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1700"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/122109?format=json","purl":"pkg:deb/debian/pcs@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122110?format=json","purl":"pkg:deb/debian/pcs@0.10.8-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.10.8-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122108?format=json","purl":"pkg:deb/debian/pcs@0.11.5-1%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.11.5-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122112?format=json","purl":"pkg:deb/debian/pcs@0.12.0.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.12.0.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/122111?format=json","purl":"pkg:deb/debian/pcs@0.12.2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.12.2-2%3Fdistro=trixie"}],"aliases":["CVE-2015-5190"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zyr5-zh8e-6bfu"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pcs@0.12.2-2%3Fdistro=trixie"}