{"url":"http://public2.vulnerablecode.io/api/packages/180409?format=json","purl":"pkg:rpm/redhat/katello-configure@1.2.3-3h?arch=el6_3","type":"rpm","namespace":"redhat","name":"katello-configure","version":"1.2.3-3h","qualifiers":{"arch":"el6_3"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37500?format=json","vulnerability_id":"VCID-4u64-j7gm-5ke9","summary":"Uncontrolled Resource Consumption\nlib/rack/multipart.rb in Rack  uses an incorrect regular expression, which allows remote attackers to cause a denial of service (infinite loop) via a crafted Content-Disposion header.","references":[{"reference_url":"http://rack.github.com/","reference_id":"","reference_type":"","scores":[],"url":"http://rack.github.com/"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0544.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-0544.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0548.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2013-0548.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0544","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2013:0544"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6109.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6109.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2012-6109","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2012-6109"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-6109","reference_id":"","reference_type":"","scores":[{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74868","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00828","scoring_system":"epss","scoring_elements":"0.74897","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-6109"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=895277","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=895277"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6109","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6109"},{"reference_url":"https://github.com/rack/rack","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack"},{"reference_url":"https://github.com/rack/rack/blob/master/README.rdoc","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack/blob/master/README.rdoc"},{"reference_url":"https://github.com/rack/rack/commit/c9f65df37a151821eb88ddd1dc404b83e52c52d5","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack/commit/c9f65df37a151821eb88ddd1dc404b83e52c52d5"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2012-6109.yml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2012-6109.yml"},{"reference_url":"https://groups.google.com/forum/#%21msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#%21msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ"},{"reference_url":"https://groups.google.com/forum/#!msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!msg/rack-devel/1w4_fWEgTdI/XAkSNHjtdTsJ"},{"reference_url":"https://rhn.redhat.com/errata/RHSA-2013-0544.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://rhn.redhat.com/errata/RHSA-2013-0544.html"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440","reference_id":"698440","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2012-6109","reference_id":"CVE-2012-6109","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2012-6109"},{"reference_url":"https://github.com/advisories/GHSA-h77x-m5q8-c29h","reference_id":"GHSA-h77x-m5q8-c29h","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h77x-m5q8-c29h"},{"reference_url":"https://security.gentoo.org/glsa/201405-10","reference_id":"GLSA-201405-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-10"}],"fixed_packages":[],"aliases":["CVE-2012-6109","GHSA-h77x-m5q8-c29h","OSV-89317"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4u64-j7gm-5ke9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/115017?format=json","vulnerability_id":"VCID-57hq-tgvf-dbdz","summary":"Katello: lack of authorization in proxies_controller.rb","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5603.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5603.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5603","reference_id":"","reference_type":"","scores":[{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48805","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00253","scoring_system":"epss","scoring_elements":"0.48865","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5603"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=882129","reference_id":"882129","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=882129"},{"reference_url":"https://access.redhat.com/errata/RHSA-2012:1543","reference_id":"RHSA-2012:1543","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2012:1543"}],"fixed_packages":[],"aliases":["CVE-2012-5603"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-57hq-tgvf-dbdz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37503?format=json","vulnerability_id":"VCID-6yf4-8k7v-p7d7","summary":"Improper Restriction of Operations within the Bounds of a Memory Buffer\nmultipart/parser.rb in Rack allows remote attackers to cause a denial of service (memory consumption and out-of-memory error) via a long string in a Multipart HTTP packet.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html"},{"reference_url":"http://rack.github.com","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rack.github.com"},{"reference_url":"http://rack.github.com/","reference_id":"","reference_type":"","scores":[],"url":"http://rack.github.com/"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0544.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0544.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0548.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0548.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0544","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2013:0544"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0183.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0183.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2013-0183","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2013-0183"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0183","reference_id":"","reference_type":"","scores":[{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.83255","published_at":"2026-06-05T12:55:00Z"},{"value":"0.01824","scoring_system":"epss","scoring_elements":"0.83229","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0183"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=895282","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=895282"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0183","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0183"},{"reference_url":"https://github.com/rack/rack","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack"},{"reference_url":"https://github.com/rack/rack/commit/548b9af2dc0059f4c0c19728624448d84de450ff","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack/commit/548b9af2dc0059f4c0c19728624448d84de450ff"},{"reference_url":"https://github.com/rack/rack/commit/f95113402b7239f225282806673e1b6424522b18","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack/commit/f95113402b7239f225282806673e1b6424522b18"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2013-0183.yml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2013-0183.yml"},{"reference_url":"https://groups.google.com/forum/#%21topic/rack-devel/7ZKPNAjgRSs","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#%21topic/rack-devel/7ZKPNAjgRSs"},{"reference_url":"https://groups.google.com/forum/#%21topic/rack-devel/-MWPHDeGWtI","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#%21topic/rack-devel/-MWPHDeGWtI"},{"reference_url":"https://groups.google.com/forum/#!topic/rack-devel/7ZKPNAjgRSs","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!topic/rack-devel/7ZKPNAjgRSs"},{"reference_url":"https://groups.google.com/forum/#!topic/rack-devel/-MWPHDeGWtI","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!topic/rack-devel/-MWPHDeGWtI"},{"reference_url":"http://www.debian.org/security/2013/dsa-2783","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2013/dsa-2783"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440","reference_id":"698440","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0183","reference_id":"CVE-2013-0183","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0183"},{"reference_url":"https://github.com/advisories/GHSA-3pxh-h8hw-mj8w","reference_id":"GHSA-3pxh-h8hw-mj8w","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-3pxh-h8hw-mj8w"},{"reference_url":"https://security.gentoo.org/glsa/201405-10","reference_id":"GLSA-201405-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-10"}],"fixed_packages":[],"aliases":["CVE-2013-0183","GHSA-3pxh-h8hw-mj8w","OSV-89320"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6yf4-8k7v-p7d7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37501?format=json","vulnerability_id":"VCID-gq4p-3kvj-3kaq","summary":"Incorrect temporary file usage\nThe ruby_parser Gem does not create temporary files securely. In the `diff_pp` function contained in `lib/gauntlet_rubyparser.rb` function, it creates files as `/tmp/a.[pid]` and `/tmp/b.[pid]` which can be predicted and used for either a denial of service (file cannot be overwritten), or to change the contents of files that are writable.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0544.html","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0544.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0548.html","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0548.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0544","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2013:0544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0582","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2013:0582"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0162.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0162.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2013-0162","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2013-0162"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0162","reference_id":"","reference_type":"","scores":[{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35093","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00149","scoring_system":"epss","scoring_elements":"0.35188","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0162"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=892806","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=892806"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby_parser/CVE-2013-0162.yml","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/ruby_parser/CVE-2013-0162.yml"},{"reference_url":"https://github.com/seattlerb/ruby_parser","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/seattlerb/ruby_parser"},{"reference_url":"https://github.com/seattlerb/ruby_parser/commit/506c7e13cff6f8715385fa8488b621028b4ad280","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/seattlerb/ruby_parser/commit/506c7e13cff6f8715385fa8488b621028b4ad280"},{"reference_url":"https://github.com/seattlerb/ruby_parser/commit/c35acd878d50a8e4ea35933e3fbdc493421d422c","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/seattlerb/ruby_parser/commit/c35acd878d50a8e4ea35933e3fbdc493421d422c"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0162","reference_id":"","reference_type":"","scores":[{"value":"LOW","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0162"},{"reference_url":"https://github.com/advisories/GHSA-8mvw-22r7-w6fq","reference_id":"GHSA-8mvw-22r7-w6fq","reference_type":"","scores":[{"value":"LOW","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-8mvw-22r7-w6fq"}],"fixed_packages":[],"aliases":["CVE-2013-0162","GHSA-8mvw-22r7-w6fq","OSV-90561"],"risk_score":1.4,"exploitability":"0.5","weighted_severity":"2.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gq4p-3kvj-3kaq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/37502?format=json","vulnerability_id":"VCID-kree-2cyw-duh8","summary":"Uncontrolled Resource Consumption\nUnspecified vulnerability in Rack::Auth::AbstractRequest in Rack  allows remote attackers to cause a denial of service via unknown vectors related to \"symbolized arbitrary strings.\"","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0544.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0544.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0548.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0548.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0544","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2013:0544"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0548","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2013:0548"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0184.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0184.json"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2013-0184","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2013-0184"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0184","reference_id":"","reference_type":"","scores":[{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71954","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00677","scoring_system":"epss","scoring_elements":"0.71915","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0184"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=895384","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=895384"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0184","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0184"},{"reference_url":"https://github.com/rack/rack","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack"},{"reference_url":"https://github.com/rack/rack/commit/1f61549529d07abd4aa512b8320ab0e97dcacc5d","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack/commit/1f61549529d07abd4aa512b8320ab0e97dcacc5d"},{"reference_url":"http://www.debian.org/security/2013/dsa-2783","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2013/dsa-2783"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440","reference_id":"698440","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698440"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0184","reference_id":"CVE-2013-0184","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0184"},{"reference_url":"https://github.com/advisories/GHSA-v882-ccj6-jc48","reference_id":"GHSA-v882-ccj6-jc48","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-v882-ccj6-jc48"},{"reference_url":"https://security.gentoo.org/glsa/201405-10","reference_id":"GLSA-201405-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-10"}],"fixed_packages":[],"aliases":["CVE-2013-0184","GHSA-v882-ccj6-jc48","OSV-89327"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kree-2cyw-duh8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/115000?format=json","vulnerability_id":"VCID-n3va-r7yq-b7cd","summary":"Katello: /etc/katello/secure/passphrase is world readable","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5561.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5561.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5561","reference_id":"","reference_type":"","scores":[{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.2871","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00109","scoring_system":"epss","scoring_elements":"0.28783","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-5561"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=879094","reference_id":"879094","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=879094"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0547","reference_id":"RHSA-2013:0547","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0547"}],"fixed_packages":[],"aliases":["CVE-2012-5561"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n3va-r7yq-b7cd"}],"fixing_vulnerabilities":[],"risk_score":"3.1","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/katello-configure@1.2.3-3h%3Farch=el6_3"}