Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:gem/puppet@5.5.1
Typegem
Namespace
Namepuppet
Version5.5.1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-7wuf-dtva-x7ej
vulnerability_id VCID-7wuf-dtva-x7ej
summary 
Improper Link Resolution Before File Access ('Link Following')
Puppet 2.7.x before 2.7.5, 2.6.x before 2.6.11, and 0.25.x allows local users to overwrite arbitrary files via a symlink attack on the .k5login file.
references
0
reference_url http://groups.google.com/group/puppet-announce/browse_thread/thread/91e3b46d2328a1cb
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://groups.google.com/group/puppet-announce/browse_thread/thread/91e3b46d2328a1cb
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068053.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068053.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068061.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068061.html
3
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068093.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068093.html
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3869.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-3869.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-3869
reference_id
reference_type
scores
0
value 0.00042
scoring_system epss
scoring_elements 0.13189
published_at 2026-06-05T12:55:00Z
1
value 0.00042
scoring_system epss
scoring_elements 0.13109
published_at 2026-06-09T12:55:00Z
2
value 0.00042
scoring_system epss
scoring_elements 0.13078
published_at 2026-06-08T12:55:00Z
3
value 0.00042
scoring_system epss
scoring_elements 0.13111
published_at 2026-06-04T12:55:00Z
4
value 0.00042
scoring_system epss
scoring_elements 0.13152
published_at 2026-06-07T12:55:00Z
5
value 0.00042
scoring_system epss
scoring_elements 0.13193
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-3869
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3869
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3869
7
reference_url https://github.com/puppetlabs/puppet
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet
8
reference_url https://github.com/puppetlabs/puppet/commit/2775c21ae48e189950dbea5e7b4d1d9fa2aca41c
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/2775c21ae48e189950dbea5e7b4d1d9fa2aca41c
9
reference_url https://github.com/puppetlabs/puppet/commit/7d4c169df84fc7bbeb2941bf995a63470f71bdbd
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/7d4c169df84fc7bbeb2941bf995a63470f71bdbd
10
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2011-3869.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2011-3869.yml
11
reference_url http://www.debian.org/security/2011/dsa-2314
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2011/dsa-2314
12
reference_url http://www.ubuntu.com/usn/USN-1223-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1223-1
13
reference_url http://www.ubuntu.com/usn/USN-1223-2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1223-2
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=742645
reference_id 742645
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=742645
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-3869
reference_id CVE-2011-3869
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-3869
16
reference_url https://puppet.com/security/cve/cve-2011-3869
reference_id CVE-2011-3869
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://puppet.com/security/cve/cve-2011-3869
17
reference_url https://github.com/advisories/GHSA-8c56-v25w-f89c
reference_id GHSA-8c56-v25w-f89c
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8c56-v25w-f89c
18
reference_url https://security.gentoo.org/glsa/201203-03
reference_id GLSA-201203-03
reference_type
scores
url https://security.gentoo.org/glsa/201203-03
19
reference_url https://usn.ubuntu.com/1223-1/
reference_id USN-1223-1
reference_type
scores
url https://usn.ubuntu.com/1223-1/
fixed_packages
aliases CVE-2011-3869, GHSA-8c56-v25w-f89c
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7wuf-dtva-x7ej
1
url VCID-8n86-g8a8-f7a9
vulnerability_id VCID-8n86-g8a8-f7a9
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-27025.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-27025.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-27025
reference_id
reference_type
scores
0
value 0.00531
scoring_system epss
scoring_elements 0.67637
published_at 2026-06-09T12:55:00Z
1
value 0.00531
scoring_system epss
scoring_elements 0.67599
published_at 2026-06-04T12:55:00Z
2
value 0.00531
scoring_system epss
scoring_elements 0.67621
published_at 2026-06-08T12:55:00Z
3
value 0.00531
scoring_system epss
scoring_elements 0.67638
published_at 2026-06-07T12:55:00Z
4
value 0.00531
scoring_system epss
scoring_elements 0.67648
published_at 2026-06-06T12:55:00Z
5
value 0.00531
scoring_system epss
scoring_elements 0.6764
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-27025
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27025
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27025
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/puppetlabs/puppet
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet
5
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2021-27025.yml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2021-27025.yml
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7/
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014772
reference_id 1014772
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014772
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2023853
reference_id 2023853
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2023853
10
reference_url https://security.archlinux.org/AVG-2541
reference_id AVG-2541
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2541
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-27025
reference_id CVE-2021-27025
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-27025
12
reference_url https://puppet.com/security/cve/cve-2021-27025
reference_id CVE-2021-27025
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://puppet.com/security/cve/cve-2021-27025
13
reference_url https://github.com/advisories/GHSA-q4g7-jrxv-67r9
reference_id GHSA-q4g7-jrxv-67r9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-q4g7-jrxv-67r9
14
reference_url https://access.redhat.com/errata/RHSA-2022:1708
reference_id RHSA-2022:1708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1708
15
reference_url https://access.redhat.com/errata/RHSA-2022:4866
reference_id RHSA-2022:4866
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4866
16
reference_url https://access.redhat.com/errata/RHSA-2022:4867
reference_id RHSA-2022:4867
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4867
17
reference_url https://access.redhat.com/errata/RHSA-2022:8846
reference_id RHSA-2022:8846
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8846
18
reference_url https://access.redhat.com/errata/RHSA-2022:8862
reference_id RHSA-2022:8862
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8862
fixed_packages
0
url pkg:gem/puppet@6.25.1
purl pkg:gem/puppet@6.25.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7wuf-dtva-x7ej
1
vulnerability VCID-8n86-g8a8-f7a9
2
vulnerability VCID-982t-up4e-t7eg
3
vulnerability VCID-fjyu-jwpx-sfe5
4
vulnerability VCID-mn3q-6cs1-ukcq
5
vulnerability VCID-msp5-ahmq-hbc3
6
vulnerability VCID-thv1-66q2-uuc9
7
vulnerability VCID-tstb-eb21-hkhp
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/puppet@6.25.1
1
url pkg:gem/puppet@7.12.1
purl pkg:gem/puppet@7.12.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7wuf-dtva-x7ej
1
vulnerability VCID-8n86-g8a8-f7a9
2
vulnerability VCID-982t-up4e-t7eg
3
vulnerability VCID-fjyu-jwpx-sfe5
4
vulnerability VCID-mn3q-6cs1-ukcq
5
vulnerability VCID-msp5-ahmq-hbc3
6
vulnerability VCID-thv1-66q2-uuc9
7
vulnerability VCID-tstb-eb21-hkhp
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/puppet@7.12.1
aliases CVE-2021-27025, GHSA-q4g7-jrxv-67r9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8n86-g8a8-f7a9
2
url VCID-982t-up4e-t7eg
vulnerability_id VCID-982t-up4e-t7eg
summary 
Improper Link Resolution Before File Access ('Link Following')
Puppet 0.24.x before 0.24.9 and 0.25.x before 0.25.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /tmp/daemonout, (2) /tmp/puppetdoc.txt, (3) /tmp/puppetdoc.tex, or (4) /tmp/puppetdoc.aux temporary file.
references
0
reference_url http://groups.google.com/group/puppet-announce/browse_thread/thread/4401823f6cbf6087
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://groups.google.com/group/puppet-announce/browse_thread/thread/4401823f6cbf6087
1
reference_url http://groups.google.com/group/puppet-announce/browse_thread/thread/73cd1b2896d986c2
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://groups.google.com/group/puppet-announce/browse_thread/thread/73cd1b2896d986c2
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036083.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036083.html
3
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036166.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2010-March/036166.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2010-06/msg00001.html
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2010-0156
reference_id
reference_type
scores
0
value 0.00031
scoring_system epss
scoring_elements 0.09356
published_at 2026-06-09T12:55:00Z
1
value 0.00031
scoring_system epss
scoring_elements 0.09336
published_at 2026-06-04T12:55:00Z
2
value 0.00031
scoring_system epss
scoring_elements 0.0938
published_at 2026-06-05T12:55:00Z
3
value 0.00031
scoring_system epss
scoring_elements 0.09399
published_at 2026-06-06T12:55:00Z
4
value 0.00031
scoring_system epss
scoring_elements 0.09384
published_at 2026-06-07T12:55:00Z
5
value 0.00031
scoring_system epss
scoring_elements 0.09325
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2010-0156
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=502881
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=502881
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0156
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0156
8
reference_url https://github.com/puppetlabs/puppet
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet
9
reference_url https://github.com/puppetlabs/puppet/commit/0aae57f91dc69b22fb674f8de3a13c22edd07128
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/0aae57f91dc69b22fb674f8de3a13c22edd07128
10
reference_url https://github.com/puppetlabs/puppet/commit/6111ba80f2c6f6d1541af971f565119e6e03d77d
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/6111ba80f2c6f6d1541af971f565119e6e03d77d
11
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2010-0156.yml
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2010-0156.yml
12
reference_url https://web.archive.org/web/20100316113904/http://secunia.com/advisories/38766
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20100316113904/http://secunia.com/advisories/38766
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2010-0156
reference_id CVE-2010-0156
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2010-0156
14
reference_url https://puppet.com/security/cve/cve-2010-0156
reference_id CVE-2010-0156
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://puppet.com/security/cve/cve-2010-0156
15
reference_url https://github.com/advisories/GHSA-vrh7-99jh-3fmm
reference_id GHSA-vrh7-99jh-3fmm
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vrh7-99jh-3fmm
16
reference_url https://security.gentoo.org/glsa/201203-03
reference_id GLSA-201203-03
reference_type
scores
url https://security.gentoo.org/glsa/201203-03
17
reference_url https://usn.ubuntu.com/917-1/
reference_id USN-917-1
reference_type
scores
url https://usn.ubuntu.com/917-1/
fixed_packages
aliases CVE-2010-0156, GHSA-vrh7-99jh-3fmm
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-982t-up4e-t7eg
3
url VCID-fjyu-jwpx-sfe5
vulnerability_id VCID-fjyu-jwpx-sfe5
summary 
Improper Neutralization of Special Elements used in a Command ('Command Injection')
Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys and file-creation permissions on the puppet master to execute arbitrary commands by creating a file whose full pathname contains shell metacharacters, then performing a filebucket request.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079227.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079227.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079289.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079289.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080003.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080003.html
3
reference_url http://projects.puppetlabs.com/issues/13518
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://projects.puppetlabs.com/issues/13518
4
reference_url http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.15
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.15
5
reference_url http://puppetlabs.com/security/cve/cve-2012-1988
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://puppetlabs.com/security/cve/cve-2012-1988
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1988.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1988.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-1988
reference_id
reference_type
scores
0
value 0.00492
scoring_system epss
scoring_elements 0.66003
published_at 2026-06-04T12:55:00Z
1
value 0.00492
scoring_system epss
scoring_elements 0.6604
published_at 2026-06-08T12:55:00Z
2
value 0.00492
scoring_system epss
scoring_elements 0.66058
published_at 2026-06-09T12:55:00Z
3
value 0.00492
scoring_system epss
scoring_elements 0.66052
published_at 2026-06-07T12:55:00Z
4
value 0.00492
scoring_system epss
scoring_elements 0.66067
published_at 2026-06-06T12:55:00Z
5
value 0.00492
scoring_system epss
scoring_elements 0.66055
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-1988
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1988
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1988
9
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/74796
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/74796
10
reference_url https://github.com/puppetlabs/puppet
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet
11
reference_url https://github.com/puppetlabs/puppet/commit/0d6d29933e613fe177e9235415919a5428db67bc
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/0d6d29933e613fe177e9235415919a5428db67bc
12
reference_url https://github.com/puppetlabs/puppet/commit/568ded50ec6cc498ad32ff7f086d9f73b5d24c14
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/568ded50ec6cc498ad32ff7f086d9f73b5d24c14
13
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2012-1988.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2012-1988.yml
14
reference_url https://hermes.opensuse.org/messages/14523305
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://hermes.opensuse.org/messages/14523305
15
reference_url https://hermes.opensuse.org/messages/15087408
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://hermes.opensuse.org/messages/15087408
16
reference_url https://web.archive.org/web/20120415105345/http://www.securityfocus.com/bid/52975
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120415105345/http://www.securityfocus.com/bid/52975
17
reference_url https://web.archive.org/web/20120513213112/http://projects.puppetlabs.com/issues/13518
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120513213112/http://projects.puppetlabs.com/issues/13518
18
reference_url https://web.archive.org/web/20120816020421/http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.15
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120816020421/http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.15
19
reference_url https://web.archive.org/web/20121013181707/http://puppetlabs.com/security/cve/cve-2012-1988
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20121013181707/http://puppetlabs.com/security/cve/cve-2012-1988
20
reference_url https://web.archive.org/web/20121025112409/http://secunia.com/advisories/48789
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20121025112409/http://secunia.com/advisories/48789
21
reference_url https://web.archive.org/web/20121025113446/http://secunia.com/advisories/48748
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20121025113446/http://secunia.com/advisories/48748
22
reference_url https://web.archive.org/web/20121025194830/http://secunia.com/advisories/49136
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20121025194830/http://secunia.com/advisories/49136
23
reference_url https://web.archive.org/web/20121025194938/http://secunia.com/advisories/48743
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20121025194938/http://secunia.com/advisories/48743
24
reference_url https://web.archive.org/web/20121031092646/http://www.securityfocus.com/bid/52975
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20121031092646/http://www.securityfocus.com/bid/52975
25
reference_url http://ubuntu.com/usn/usn-1419-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://ubuntu.com/usn/usn-1419-1
26
reference_url http://www.debian.org/security/2012/dsa-2451
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2012/dsa-2451
27
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=810071
reference_id 810071
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=810071
28
reference_url http://puppetlabs.com/security/cve/cve-2012-1988/
reference_id CVE-2012-1988
reference_type
scores
url http://puppetlabs.com/security/cve/cve-2012-1988/
29
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-1988
reference_id CVE-2012-1988
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-1988
30
reference_url https://web.archive.org/web/20121013181707/http://puppetlabs.com/security/cve/cve-2012-1988/
reference_id CVE-2012-1988
reference_type
scores
url https://web.archive.org/web/20121013181707/http://puppetlabs.com/security/cve/cve-2012-1988/
31
reference_url https://github.com/advisories/GHSA-6xxq-j39w-g3f6
reference_id GHSA-6xxq-j39w-g3f6
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6xxq-j39w-g3f6
32
reference_url https://security.gentoo.org/glsa/201208-02
reference_id GLSA-201208-02
reference_type
scores
url https://security.gentoo.org/glsa/201208-02
33
reference_url https://access.redhat.com/errata/RHSA-2012:1542
reference_id RHSA-2012:1542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1542
34
reference_url https://usn.ubuntu.com/1419-1/
reference_id USN-1419-1
reference_type
scores
url https://usn.ubuntu.com/1419-1/
fixed_packages
aliases CVE-2012-1988, GHSA-6xxq-j39w-g3f6
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fjyu-jwpx-sfe5
4
url VCID-mn3q-6cs1-ukcq
vulnerability_id VCID-mn3q-6cs1-ukcq
summary 
Improper Privilege Management
In previous versions of Puppet Agent it was possible to install a module with world writable permissions. Puppet Agent 5.3.4 and 1.10.10 included a fix to this vulnerability.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:2927
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2927
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10689.json
reference_id
reference_type
scores
0
value 2.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-10689.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-10689
reference_id
reference_type
scores
0
value 0.00092
scoring_system epss
scoring_elements 0.25747
published_at 2026-06-04T12:55:00Z
1
value 0.00092
scoring_system epss
scoring_elements 0.25743
published_at 2026-06-09T12:55:00Z
2
value 0.00092
scoring_system epss
scoring_elements 0.25737
published_at 2026-06-08T12:55:00Z
3
value 0.00092
scoring_system epss
scoring_elements 0.25796
published_at 2026-06-07T12:55:00Z
4
value 0.00092
scoring_system epss
scoring_elements 0.25841
published_at 2026-06-06T12:55:00Z
5
value 0.00092
scoring_system epss
scoring_elements 0.2585
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-10689
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10689
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-10689
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/puppetlabs/puppet
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet
6
reference_url https://github.com/puppetlabs/puppet/commit/17d9e02da3882e44c1876e2805cf9708481715ee
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/17d9e02da3882e44c1876e2805cf9708481715ee
7
reference_url https://github.com/puppetlabs/puppet/commit/2f1047f85e22cde139a421bc25d371f2ffc92cb1
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/2f1047f85e22cde139a421bc25d371f2ffc92cb1
8
reference_url https://tickets.puppetlabs.com/browse/PUP-7866
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://tickets.puppetlabs.com/browse/PUP-7866
9
reference_url https://usn.ubuntu.com/3567-1
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/3567-1
10
reference_url https://usn.ubuntu.com/3567-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/3567-1/
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1542850
reference_id 1542850
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1542850
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890412
reference_id 890412
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890412
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-10689
reference_id CVE-2017-10689
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-10689
14
reference_url https://puppet.com/security/cve/CVE-2017-10689
reference_id CVE-2017-10689
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements
1
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://puppet.com/security/cve/CVE-2017-10689
15
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2017-10689.yml
reference_id CVE-2017-10689.YML
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2017-10689.yml
16
reference_url https://github.com/advisories/GHSA-vw22-465p-8j5w
reference_id GHSA-vw22-465p-8j5w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vw22-465p-8j5w
17
reference_url https://usn.ubuntu.com/USN-4804-1/
reference_id USN-USN-4804-1
reference_type
scores
url https://usn.ubuntu.com/USN-4804-1/
fixed_packages
aliases CVE-2017-10689, GHSA-vw22-465p-8j5w
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mn3q-6cs1-ukcq
5
url VCID-msp5-ahmq-hbc3
vulnerability_id VCID-msp5-ahmq-hbc3
summary 
Puppet does not properly restrict access to node resources
Puppet 2.6.0 through 2.6.3 does not properly restrict access to node resources, which allows remote authenticated Puppet nodes to read or modify the resources of other nodes via unspecified vectors.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0528.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-0528.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2011-0528
reference_id
reference_type
scores
0
value 0.00265
scoring_system epss
scoring_elements 0.50268
published_at 2026-06-05T12:55:00Z
1
value 0.00265
scoring_system epss
scoring_elements 0.50249
published_at 2026-06-09T12:55:00Z
2
value 0.00265
scoring_system epss
scoring_elements 0.5023
published_at 2026-06-08T12:55:00Z
3
value 0.00265
scoring_system epss
scoring_elements 0.50207
published_at 2026-06-04T12:55:00Z
4
value 0.00265
scoring_system epss
scoring_elements 0.50258
published_at 2026-06-07T12:55:00Z
5
value 0.00265
scoring_system epss
scoring_elements 0.50277
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2011-0528
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0528
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-0528
3
reference_url https://github.com/puppetlabs/puppet
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet
4
reference_url https://github.com/puppetlabs/puppet/commit/eee1a9cdaa5cab6222c8e6ab087d319f976fa4e3
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/eee1a9cdaa5cab6222c8e6ab087d319f976fa4e3
5
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2011-0528.yml
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2011-0528.yml
6
reference_url http://www.mail-archive.com/puppet-users%40googlegroups.com/msg16429.html
reference_id
reference_type
scores
url http://www.mail-archive.com/puppet-users%40googlegroups.com/msg16429.html
7
reference_url http://www.mail-archive.com/puppet-users@googlegroups.com/msg16429.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.mail-archive.com/puppet-users@googlegroups.com/msg16429.html
8
reference_url http://www.openwall.com/lists/oss-security/2011/01/27/6
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/01/27/6
9
reference_url http://www.openwall.com/lists/oss-security/2011/01/31/5
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2011/01/31/5
10
reference_url http://www.ubuntu.com/usn/USN-1365-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-1365-1
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2011-0528
reference_id CVE-2011-0528
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2011-0528
12
reference_url https://github.com/advisories/GHSA-9pvx-fwwh-w289
reference_id GHSA-9pvx-fwwh-w289
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9pvx-fwwh-w289
13
reference_url https://usn.ubuntu.com/1365-1/
reference_id USN-1365-1
reference_type
scores
url https://usn.ubuntu.com/1365-1/
fixed_packages
aliases CVE-2011-0528, GHSA-9pvx-fwwh-w289
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-msp5-ahmq-hbc3
6
url VCID-thv1-66q2-uuc9
vulnerability_id VCID-thv1-66q2-uuc9
summary 
Puppet Denial of Service and Arbitrary File Write
Unspecified vulnerability in Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys to (1) cause a denial of service (memory consumption) via a REST request to a stream that triggers a thread block, as demonstrated using CVE-2012-1986 and /dev/random; or (2) cause a denial of service (filesystem consumption) via crafted REST requests that use "a marshaled form of a Puppet::FileBucket::File object" to write to arbitrary file locations.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079227.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079227.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079289.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2012-April/079289.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080003.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2012-May/080003.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1987.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1987.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-1987
reference_id
reference_type
scores
0
value 0.00763
scoring_system epss
scoring_elements 0.73796
published_at 2026-06-07T12:55:00Z
1
value 0.00763
scoring_system epss
scoring_elements 0.73809
published_at 2026-06-06T12:55:00Z
2
value 0.00763
scoring_system epss
scoring_elements 0.73805
published_at 2026-06-05T12:55:00Z
3
value 0.00763
scoring_system epss
scoring_elements 0.73779
published_at 2026-06-08T12:55:00Z
4
value 0.00763
scoring_system epss
scoring_elements 0.73768
published_at 2026-06-04T12:55:00Z
5
value 0.00763
scoring_system epss
scoring_elements 0.73807
published_at 2026-06-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-1987
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1987
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1987
6
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/74794
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/74794
7
reference_url https://github.com/puppetlabs/puppet
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet
8
reference_url https://github.com/puppetlabs/puppet/commit/0d6d29933e613fe177e9235415919a5428db67bc
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/0d6d29933e613fe177e9235415919a5428db67bc
9
reference_url https://github.com/puppetlabs/puppet/commit/568ded50ec6cc498ad32ff7f086d9f73b5d24c14
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet/commit/568ded50ec6cc498ad32ff7f086d9f73b5d24c14
10
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2012-1987.yml
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2012-1987.yml
11
reference_url https://hermes.opensuse.org/messages/14523305
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://hermes.opensuse.org/messages/14523305
12
reference_url https://hermes.opensuse.org/messages/15087408
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://hermes.opensuse.org/messages/15087408
13
reference_url https://web.archive.org/web/20120415105345/http://www.securityfocus.com/bid/52975
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120415105345/http://www.securityfocus.com/bid/52975
14
reference_url https://web.archive.org/web/20120513213318/http://projects.puppetlabs.com/issues/13553
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120513213318/http://projects.puppetlabs.com/issues/13553
15
reference_url https://web.archive.org/web/20120513224202/http://projects.puppetlabs.com/issues/13552
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20120513224202/http://projects.puppetlabs.com/issues/13552
16
reference_url https://web.archive.org/web/20121005145241/http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.15
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20121005145241/http://projects.puppetlabs.com/projects/1/wiki/Release_Notes#2.6.15
17
reference_url https://web.archive.org/web/20160808163232/https://puppet.com/security/cve/cve-2012-1987
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20160808163232/https://puppet.com/security/cve/cve-2012-1987
18
reference_url http://ubuntu.com/usn/usn-1419-1
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://ubuntu.com/usn/usn-1419-1
19
reference_url http://www.debian.org/security/2012/dsa-2451
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2012/dsa-2451
20
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=810070
reference_id 810070
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=810070
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-1987
reference_id CVE-2012-1987
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2012-1987
22
reference_url https://web.archive.org/web/20160808163232/https://puppet.com/security/cve/cve-2012-1987/
reference_id CVE-2012-1987
reference_type
scores
url https://web.archive.org/web/20160808163232/https://puppet.com/security/cve/cve-2012-1987/
23
reference_url https://github.com/advisories/GHSA-v58w-6xc2-w799
reference_id GHSA-v58w-6xc2-w799
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-v58w-6xc2-w799
24
reference_url https://security.gentoo.org/glsa/201208-02
reference_id GLSA-201208-02
reference_type
scores
url https://security.gentoo.org/glsa/201208-02
25
reference_url https://access.redhat.com/errata/RHSA-2012:1542
reference_id RHSA-2012:1542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:1542
26
reference_url https://usn.ubuntu.com/1419-1/
reference_id USN-1419-1
reference_type
scores
url https://usn.ubuntu.com/1419-1/
fixed_packages
aliases CVE-2012-1987, GHSA-v58w-6xc2-w799
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-thv1-66q2-uuc9
7
url VCID-tstb-eb21-hkhp
vulnerability_id VCID-tstb-eb21-hkhp
summary multiple issues
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-27023.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-27023.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-27023
reference_id
reference_type
scores
0
value 0.00397
scoring_system epss
scoring_elements 0.60929
published_at 2026-06-09T12:55:00Z
1
value 0.00397
scoring_system epss
scoring_elements 0.60885
published_at 2026-06-04T12:55:00Z
2
value 0.00397
scoring_system epss
scoring_elements 0.60941
published_at 2026-06-06T12:55:00Z
3
value 0.00397
scoring_system epss
scoring_elements 0.60913
published_at 2026-06-08T12:55:00Z
4
value 0.00397
scoring_system epss
scoring_elements 0.6093
published_at 2026-06-07T12:55:00Z
5
value 0.00397
scoring_system epss
scoring_elements 0.60934
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-27023
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27023
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27023
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/puppetlabs/puppet
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/puppetlabs/puppet
5
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2021-27023.yml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puppet/CVE-2021-27023.yml
6
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/62SELE7EKVKZL4GABFMVYMIIUZ7FPEF7/
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2023859
reference_id 2023859
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2023859
9
reference_url https://security.archlinux.org/AVG-2541
reference_id AVG-2541
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2541
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-27023
reference_id CVE-2021-27023
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-27023
11
reference_url https://puppet.com/security/cve/CVE-2021-27023
reference_id CVE-2021-27023
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://puppet.com/security/cve/CVE-2021-27023
12
reference_url https://github.com/advisories/GHSA-93j5-g845-9wqp
reference_id GHSA-93j5-g845-9wqp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-93j5-g845-9wqp
13
reference_url https://access.redhat.com/errata/RHSA-2022:1478
reference_id RHSA-2022:1478
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1478
14
reference_url https://access.redhat.com/errata/RHSA-2022:1708
reference_id RHSA-2022:1708
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1708
15
reference_url https://access.redhat.com/errata/RHSA-2022:4866
reference_id RHSA-2022:4866
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4866
16
reference_url https://access.redhat.com/errata/RHSA-2022:4867
reference_id RHSA-2022:4867
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4867
fixed_packages
0
url pkg:gem/puppet@6.25.1
purl pkg:gem/puppet@6.25.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7wuf-dtva-x7ej
1
vulnerability VCID-8n86-g8a8-f7a9
2
vulnerability VCID-982t-up4e-t7eg
3
vulnerability VCID-fjyu-jwpx-sfe5
4
vulnerability VCID-mn3q-6cs1-ukcq
5
vulnerability VCID-msp5-ahmq-hbc3
6
vulnerability VCID-thv1-66q2-uuc9
7
vulnerability VCID-tstb-eb21-hkhp
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/puppet@6.25.1
1
url pkg:gem/puppet@7.12.1
purl pkg:gem/puppet@7.12.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-7wuf-dtva-x7ej
1
vulnerability VCID-8n86-g8a8-f7a9
2
vulnerability VCID-982t-up4e-t7eg
3
vulnerability VCID-fjyu-jwpx-sfe5
4
vulnerability VCID-mn3q-6cs1-ukcq
5
vulnerability VCID-msp5-ahmq-hbc3
6
vulnerability VCID-thv1-66q2-uuc9
7
vulnerability VCID-tstb-eb21-hkhp
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/puppet@7.12.1
aliases CVE-2021-27023, GHSA-93j5-g845-9wqp
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tstb-eb21-hkhp
Fixing_vulnerabilities
Risk_score4.4
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:gem/puppet@5.5.1