{"url":"http://public2.vulnerablecode.io/api/packages/122196?format=json","purl":"pkg:rpm/redhat/python27-python-wheel@0.24.0-2?arch=el7","type":"rpm","namespace":"redhat","name":"python27-python-wheel","version":"0.24.0-2","qualifiers":{"arch":"el7"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86237?format=json","vulnerability_id":"VCID-8jfv-cqa8-7yb6","summary":"python: CGIHTTPServer module does not properly handle URL-encoded path separators in URLs","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4650.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4650.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-4650","reference_id":"","reference_type":"","scores":[{"value":"0.06019","scoring_system":"epss","scoring_elements":"0.90675","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06019","scoring_system":"epss","scoring_elements":"0.90685","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06019","scoring_system":"epss","scoring_elements":"0.9067","published_at":"2026-04-01T12:55:00Z"},{"value":"0.07232","scoring_system":"epss","scoring_elements":"0.91619","published_at":"2026-04-09T12:55:00Z"},{"value":"0.07232","scoring_system":"epss","scoring_elements":"0.91623","published_at":"2026-04-11T12:55:00Z"},{"value":"0.07232","scoring_system":"epss","scoring_elements":"0.91626","published_at":"2026-04-12T12:55:00Z"},{"value":"0.07232","scoring_system":"epss","scoring_elements":"0.91622","published_at":"2026-04-13T12:55:00Z"},{"value":"0.07232","scoring_system":"epss","scoring_elements":"0.91643","published_at":"2026-04-24T12:55:00Z"},{"value":"0.07232","scoring_system":"epss","scoring_elements":"0.91636","published_at":"2026-04-21T12:55:00Z"},{"value":"0.07232","scoring_system":"epss","scoring_elements":"0.91641","published_at":"2026-04-26T12:55:00Z"},{"value":"0.07232","scoring_system":"epss","scoring_elements":"0.91639","published_at":"2026-04-29T12:55:00Z"},{"value":"0.07232","scoring_system":"epss","scoring_elements":"0.91651","published_at":"2026-05-05T12:55:00Z"},{"value":"0.07232","scoring_system":"epss","scoring_elements":"0.916","published_at":"2026-04-07T12:55:00Z"},{"value":"0.07232","scoring_system":"epss","scoring_elements":"0.91613","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-4650"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4650","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4650"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1113527","reference_id":"1113527","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1113527"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/33894.txt","reference_id":"CVE-2014-4650;OSVDB-108369","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/33894.txt"},{"reference_url":"https://www.redteam-pentesting.de/advisories/rt-sa-2014-008","reference_id":"CVE-2014-4650;OSVDB-108369","reference_type":"exploit","scores":[],"url":"https://www.redteam-pentesting.de/advisories/rt-sa-2014-008"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1064","reference_id":"RHSA-2015:1064","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1064"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1330","reference_id":"RHSA-2015:1330","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1330"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2101","reference_id":"RHSA-2015:2101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2101"},{"reference_url":"https://usn.ubuntu.com/2653-1/","reference_id":"USN-2653-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2653-1/"}],"fixed_packages":[],"aliases":["CVE-2014-4650"],"risk_score":5.2,"exploitability":"2.0","weighted_severity":"2.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8jfv-cqa8-7yb6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50411?format=json","vulnerability_id":"VCID-ez5b-fvw8-hkh3","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which could lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1912.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1912.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-1912","reference_id":"","reference_type":"","scores":[{"value":"0.23888","scoring_system":"epss","scoring_elements":"0.95985","published_at":"2026-04-01T12:55:00Z"},{"value":"0.23888","scoring_system":"epss","scoring_elements":"0.95992","published_at":"2026-04-02T12:55:00Z"},{"value":"0.23888","scoring_system":"epss","scoring_elements":"0.95999","published_at":"2026-04-04T12:55:00Z"},{"value":"0.23888","scoring_system":"epss","scoring_elements":"0.96004","published_at":"2026-04-07T12:55:00Z"},{"value":"0.23888","scoring_system":"epss","scoring_elements":"0.96013","published_at":"2026-04-08T12:55:00Z"},{"value":"0.23888","scoring_system":"epss","scoring_elements":"0.96016","published_at":"2026-04-09T12:55:00Z"},{"value":"0.23888","scoring_system":"epss","scoring_elements":"0.96019","published_at":"2026-04-12T12:55:00Z"},{"value":"0.23888","scoring_system":"epss","scoring_elements":"0.96021","published_at":"2026-04-13T12:55:00Z"},{"value":"0.23888","scoring_system":"epss","scoring_elements":"0.96031","published_at":"2026-04-16T12:55:00Z"},{"value":"0.23888","scoring_system":"epss","scoring_elements":"0.96036","published_at":"2026-04-18T12:55:00Z"},{"value":"0.23888","scoring_system":"epss","scoring_elements":"0.96037","published_at":"2026-04-21T12:55:00Z"},{"value":"0.23888","scoring_system":"epss","scoring_elements":"0.96038","published_at":"2026-04-24T12:55:00Z"},{"value":"0.23888","scoring_system":"epss","scoring_elements":"0.96039","published_at":"2026-04-29T12:55:00Z"},{"value":"0.33997","scoring_system":"epss","scoring_elements":"0.9699","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-1912"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4238","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4238"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1912"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1062370","reference_id":"1062370","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1062370"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/31875.py","reference_id":"CVE-2014-1912;OSVDB-102929","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/31875.py"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1064","reference_id":"RHSA-2015:1064","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1064"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1330","reference_id":"RHSA-2015:1330","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1330"},{"reference_url":"https://usn.ubuntu.com/2125-1/","reference_id":"USN-2125-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2125-1/"}],"fixed_packages":[],"aliases":["CVE-2014-1912"],"risk_score":0.6,"exploitability":"2.0","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ez5b-fvw8-hkh3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/15630?format=json","vulnerability_id":"VCID-f5vu-k9rc-27fz","summary":"Improper Validation of Array Index\nArray index error in the scanstring function in the _json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the raw_decode function.","references":[{"reference_url":"http://bugs.python.org/issue21529","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://bugs.python.org/issue21529"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-07/msg00015.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2014-07/msg00015.html"},{"reference_url":"http://openwall.com/lists/oss-security/2014/06/24/7","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://openwall.com/lists/oss-security/2014/06/24/7"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-1064.html","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2015-1064.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4616.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4616.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-4616","reference_id":"","reference_type":"","scores":[{"value":"0.0038","scoring_system":"epss","scoring_elements":"0.59413","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68207","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68247","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68243","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.6812","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68139","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68116","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68167","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68182","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68194","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68235","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68192","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.6821","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68199","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68161","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00557","scoring_system":"epss","scoring_elements":"0.68098","published_at":"2026-04-01T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-4616"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752395","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752395"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1112285","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1112285"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4616","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4616"},{"reference_url":"https://github.com/simplejson/simplejson","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/simplejson/simplejson"},{"reference_url":"https://hackerone.com/reports/12297","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://hackerone.com/reports/12297"},{"reference_url":"https://security.gentoo.org/glsa/201503-10","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://security.gentoo.org/glsa/201503-10"},{"reference_url":"http://www.securityfocus.com/bid/68119","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/68119"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-4616","reference_id":"CVE-2014-4616","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-4616"},{"reference_url":"https://github.com/advisories/GHSA-9772-cwx9-r4cj","reference_id":"GHSA-9772-cwx9-r4cj","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-9772-cwx9-r4cj"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1064","reference_id":"RHSA-2015:1064","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1064"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2101","reference_id":"RHSA-2015:2101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2101"},{"reference_url":"https://usn.ubuntu.com/2653-1/","reference_id":"USN-2653-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2653-1/"}],"fixed_packages":[],"aliases":["CVE-2014-4616","GHSA-9772-cwx9-r4cj"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-f5vu-k9rc-27fz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50413?format=json","vulnerability_id":"VCID-mzd5-dwty-bqhf","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which could lead to arbitrary code execution.","references":[{"reference_url":"http://bugs.python.org/issue21831","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.python.org/issue21831"},{"reference_url":"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html"},{"reference_url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139663.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139663.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2014-10/msg00016.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2014-10/msg00016.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-1064.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-1064.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2015-1330.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2015-1330.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7185.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7185.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-7185","reference_id":"","reference_type":"","scores":[{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75142","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75259","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75263","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75145","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75176","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75152","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75186","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75198","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75219","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75197","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75185","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75222","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75228","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75218","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0087","scoring_system":"epss","scoring_elements":"0.75255","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01134","scoring_system":"epss","scoring_elements":"0.78451","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-7185"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7185","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7185"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/96193","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/96193"},{"reference_url":"https://security.gentoo.org/glsa/201503-10","reference_id":"","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201503-10"},{"reference_url":"https://support.apple.com/kb/HT205031","reference_id":"","reference_type":"","scores":[],"url":"https://support.apple.com/kb/HT205031"},{"reference_url":"http://www.openwall.com/lists/oss-security/2014/09/23/5","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2014/09/23/5"},{"reference_url":"http://www.openwall.com/lists/oss-security/2014/09/25/47","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2014/09/25/47"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"},{"reference_url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html","reference_id":"","reference_type":"","scores":[],"url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"},{"reference_url":"http://www.securityfocus.com/bid/70089","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/70089"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1146026","reference_id":"1146026","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1146026"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=763848","reference_id":"763848","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=763848"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:x64:*","reference_id":"cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:x64:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1150:*:*:*:*:*:x64:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.1:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2150:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.2:rc1:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:2.7.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:2.7.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2014-7185","reference_id":"CVE-2014-7185","reference_type":"","scores":[{"value":"6.4","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:N/A:P"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2014-7185"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1064","reference_id":"RHSA-2015:1064","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1064"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1330","reference_id":"RHSA-2015:1330","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1330"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2101","reference_id":"RHSA-2015:2101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2101"},{"reference_url":"https://usn.ubuntu.com/2653-1/","reference_id":"USN-2653-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2653-1/"}],"fixed_packages":[],"aliases":["CVE-2014-7185"],"risk_score":2.9,"exploitability":"0.5","weighted_severity":"5.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-mzd5-dwty-bqhf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/50409?format=json","vulnerability_id":"VCID-p57a-y8r3-qucc","summary":"Multiple vulnerabilities have been found in Python, the worst of\n    which could lead to arbitrary code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1752.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1752.json"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1046174","reference_id":"1046174","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1046174"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1064","reference_id":"RHSA-2015:1064","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1064"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1330","reference_id":"RHSA-2015:1330","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1330"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2101","reference_id":"RHSA-2015:2101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2101"},{"reference_url":"https://usn.ubuntu.com/2653-1/","reference_id":"USN-2653-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2653-1/"}],"fixed_packages":[],"aliases":["CVE-2013-1752"],"risk_score":1.3,"exploitability":"0.5","weighted_severity":"2.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p57a-y8r3-qucc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86971?format=json","vulnerability_id":"VCID-w85n-mm5g-5yd1","summary":"python: XMLRPC library unrestricted decompression of HTTP responses using gzip enconding","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1753.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1753.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1753","reference_id":"","reference_type":"","scores":[{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58903","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58864","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58902","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00371","scoring_system":"epss","scoring_elements":"0.58918","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63843","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63861","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63747","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63827","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63862","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63871","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63875","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63809","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63835","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00455","scoring_system":"epss","scoring_elements":"0.63793","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-1753"},{"reference_url":"https://bugs.python.org/issue16043","reference_id":"","reference_type":"","scores":[],"url":"https://bugs.python.org/issue16043"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1753","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1753"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1046170","reference_id":"1046170","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1046170"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742929","reference_id":"742929","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742929"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:python:python:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:python:python:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1753","reference_id":"CVE-2013-1753","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-1753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1064","reference_id":"RHSA-2015:1064","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1064"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2101","reference_id":"RHSA-2015:2101","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2101"},{"reference_url":"https://usn.ubuntu.com/2653-1/","reference_id":"USN-2653-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2653-1/"}],"fixed_packages":[],"aliases":["CVE-2013-1753"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w85n-mm5g-5yd1"}],"fixing_vulnerabilities":[],"risk_score":"5.2","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python27-python-wheel@0.24.0-2%3Farch=el7"}