Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/254421?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/254421?format=api", "purl": "pkg:rpm/redhat/ipxe@20130517-7.1fm.gitc4bce43?arch=el6sat", "type": "rpm", "namespace": "redhat", "name": "ipxe", "version": "20130517-7.1fm.gitc4bce43", "qualifiers": { "arch": "el6sat" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3365?format=api", "vulnerability_id": "VCID-2pw6-nfst-hqcv", "summary": "The Server.verify_request function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1591", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2015:1591" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1592", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2015:1592" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4346.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4346.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2013-4346", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2013-4346" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4346", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.005", "scoring_system": "epss", "scoring_elements": "0.66238", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4346" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1007746", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1007746" }, { "reference_url": "https://github.com/joestump/python-oauth2", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/joestump/python-oauth2" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/oauth2/PYSEC-2014-85.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/oauth2/PYSEC-2014-85.yaml" }, { "reference_url": "https://github.com/simplegeo/python-oauth2/issues/129", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/simplegeo/python-oauth2/issues/129" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4346", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4346" }, { "reference_url": "https://web.archive.org/web/20200228063302/http://www.securityfocus.com/bid/62386", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200228063302/http://www.securityfocus.com/bid/62386" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/09/12/7", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N" }, { "value": "8.7", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2013/09/12/7" }, { "reference_url": "http://www.securityfocus.com/bid/62386", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/62386" }, { "reference_url": "https://github.com/advisories/GHSA-4433-4cxq-vv73", "reference_id": "GHSA-4433-4cxq-vv73", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-4433-4cxq-vv73" } ], "fixed_packages": [], "aliases": [ "CVE-2013-4346", "GHSA-4433-4cxq-vv73", "PYSEC-2014-85" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2pw6-nfst-hqcv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67262?format=api", "vulnerability_id": "VCID-3xcu-6pfz-nue6", "summary": "foreman: the _session_id cookie is issued without the Secure flag", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3155.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3155.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3155", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0056", "scoring_system": "epss", "scoring_elements": "0.68557", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3155" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1216035", "reference_id": "1216035", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1216035" } ], "fixed_packages": [], "aliases": [ "CVE-2015-3155" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3xcu-6pfz-nue6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67623?format=api", "vulnerability_id": "VCID-724w-x63u-zfe4", "summary": "foreman: Unprivileged user can access private bookmarks of other users", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2100.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2100.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2100", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00201", "scoring_system": "epss", "scoring_elements": "0.42137", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-2100" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1310675", "reference_id": "1310675", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1310675" } ], "fixed_packages": [], "aliases": [ "CVE-2016-2100" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-724w-x63u-zfe4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67730?format=api", "vulnerability_id": "VCID-76a8-vzjq-c7ep", "summary": "qpid-cpp: AMQP 0-10 protocol sequence-set maximal range DoS (incomplete CVE-2015-0203 fix)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0224.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0224.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0224", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.5601", "scoring_system": "epss", "scoring_elements": "0.98138", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0224" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1186302", "reference_id": "1186302", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1186302" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0660", "reference_id": "RHSA-2015:0660", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0660" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0661", "reference_id": "RHSA-2015:0661", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0661" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0662", "reference_id": "RHSA-2015:0662", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0707", "reference_id": "RHSA-2015:0707", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0707" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0708", "reference_id": "RHSA-2015:0708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0708" } ], "fixed_packages": [], "aliases": [ "CVE-2015-0224" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-76a8-vzjq-c7ep" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68400?format=api", "vulnerability_id": "VCID-8aj8-6sm4-pyey", "summary": "foreman: cross-site scripting (XSS) flaw in template preview screen", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3653.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3653.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3653", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00389", "scoring_system": "epss", "scoring_elements": "0.60276", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3653" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1145398", "reference_id": "1145398", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1145398" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3653" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8aj8-6sm4-pyey" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67427?format=api", "vulnerability_id": "VCID-8e3h-ykwp-s3ge", "summary": "foreman: API not scoping resources to taxonomies", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1844.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1844.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1844", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00261", "scoring_system": "epss", "scoring_elements": "0.49667", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1844" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207589", "reference_id": "1207589", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1207589" } ], "fixed_packages": [], "aliases": [ "CVE-2015-1844" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8e3h-ykwp-s3ge" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69815?format=api", "vulnerability_id": "VCID-9jm3-rkd6-67c1", "summary": "python: ssl.match_hostname() DoS via certificates with specially crafted hostname wildcard patterns", "references": [ { "reference_url": "http://bugs.python.org/issue17980", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.python.org/issue17980" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2099.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2099.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2099", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02979", "scoring_system": "epss", "scoring_elements": "0.86753", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2099" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2099", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2099" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2099", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2099" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709066", "reference_id": "709066", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709066" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709067", "reference_id": "709067", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709067" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709068", "reference_id": "709068", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709068" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709069", "reference_id": "709069", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709069" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709070", "reference_id": "709070", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=709070" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=963260", "reference_id": "963260", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=963260" }, { "reference_url": "https://security.gentoo.org/glsa/201401-04", "reference_id": "GLSA-201401-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1263", "reference_id": "RHSA-2014:1263", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1263" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1690", "reference_id": "RHSA-2014:1690", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0042", "reference_id": "RHSA-2015:0042", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:1166", "reference_id": "RHSA-2016:1166", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:1166" }, { "reference_url": "https://usn.ubuntu.com/1983-1/", "reference_id": "USN-1983-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1983-1/" }, { "reference_url": "https://usn.ubuntu.com/1984-1/", "reference_id": "USN-1984-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1984-1/" }, { "reference_url": "https://usn.ubuntu.com/1985-1/", "reference_id": "USN-1985-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/1985-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2013-2099" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9jm3-rkd6-67c1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/3366?format=api", "vulnerability_id": "VCID-b45h-wab3-1ya2", "summary": "The (1) make_nonce, (2) generate_nonce, and (3) generate_verifier functions in SimpleGeo python-oauth2 uses weak random numbers to generate nonces, which makes it easier for remote attackers to guess the nonce via a brute force attack.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1591", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2015:1591" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1592", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2015:1592" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4347.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-4347.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2013-4347", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2013-4347" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4347", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00432", "scoring_system": "epss", "scoring_elements": "0.62923", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-4347" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1007758", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1007758" }, { "reference_url": "https://github.com/joestump/python-oauth2", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/joestump/python-oauth2" }, { "reference_url": "https://github.com/joestump/python-oauth2/commit/82dd2cdd4954cd7b8983d5d64c0dfd9072bf4650", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/joestump/python-oauth2/commit/82dd2cdd4954cd7b8983d5d64c0dfd9072bf4650" }, { "reference_url": "https://github.com/pypa/advisory-database/tree/main/vulns/oauth2/PYSEC-2014-86.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/pypa/advisory-database/tree/main/vulns/oauth2/PYSEC-2014-86.yaml" }, { "reference_url": "https://github.com/simplegeo/python-oauth2/issues/9", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/simplegeo/python-oauth2/issues/9" }, { "reference_url": "https://github.com/simplegeo/python-oauth2/pull/146", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/simplegeo/python-oauth2/pull/146" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4347", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4347" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/09/12/7", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2013/09/12/7" }, { "reference_url": "http://www.securityfocus.com/bid/62388", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "6.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/62388" }, { "reference_url": "https://github.com/advisories/GHSA-rv8h-p43r-4x5r", "reference_id": "GHSA-rv8h-p43r-4x5r", "reference_type": "", "scores": [], "url": "https://github.com/advisories/GHSA-rv8h-p43r-4x5r" } ], "fixed_packages": [], "aliases": [ "CVE-2013-4347", "GHSA-rv8h-p43r-4x5r", "PYSEC-2014-86" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-b45h-wab3-1ya2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67733?format=api", "vulnerability_id": "VCID-cpa7-kedk-eybb", "summary": "qpid-cpp: anonymous access to qpidd cannot be prevented", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0223.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0223.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0223", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02275", "scoring_system": "epss", "scoring_elements": "0.84925", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0223" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1186308", "reference_id": "1186308", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1186308" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0660", "reference_id": "RHSA-2015:0660", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0660" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0661", "reference_id": "RHSA-2015:0661", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0661" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0662", "reference_id": "RHSA-2015:0662", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0707", "reference_id": "RHSA-2015:0707", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0707" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0708", "reference_id": "RHSA-2015:0708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0708" } ], "fixed_packages": [], "aliases": [ "CVE-2015-0223" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-cpa7-kedk-eybb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67597?format=api", "vulnerability_id": "VCID-emtz-nz5a-qqf1", "summary": "foreman: lack of SSL certificate validation when performing LDAPS authentication", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1816.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1816.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1816", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00217", "scoring_system": "epss", "scoring_elements": "0.44264", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1816" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1208602", "reference_id": "1208602", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1208602" } ], "fixed_packages": [], "aliases": [ "CVE-2015-1816" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-emtz-nz5a-qqf1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67891?format=api", "vulnerability_id": "VCID-mwaj-9max-2ka2", "summary": "qpid-cpp: 3 qpidd DoS issues in AMQP 0-10 protocol handling", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0203.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-0203.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0203", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.16987", "scoring_system": "epss", "scoring_elements": "0.95087", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-0203" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1181721", "reference_id": "1181721", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1181721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0660", "reference_id": "RHSA-2015:0660", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0660" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0661", "reference_id": "RHSA-2015:0661", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0661" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0662", "reference_id": "RHSA-2015:0662", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0707", "reference_id": "RHSA-2015:0707", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0707" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0708", "reference_id": "RHSA-2015:0708", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0708" } ], "fixed_packages": [], "aliases": [ "CVE-2015-0203" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mwaj-9max-2ka2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/68497?format=api", "vulnerability_id": "VCID-uv19-x8bb-4uaa", "summary": "rhn_satellite_6: cross-site request forgery (CSRF) can force logout", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3590.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3590.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3590", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00242", "scoring_system": "epss", "scoring_elements": "0.47601", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3590" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1128108", "reference_id": "1128108", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1128108" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3590" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uv19-x8bb-4uaa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67613?format=api", "vulnerability_id": "VCID-x8e4-h85b-4bcr", "summary": "mongodb: DoS due to improper BSON validation", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1609.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1609.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1609", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01693", "scoring_system": "epss", "scoring_elements": "0.82563", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1609" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1200446", "reference_id": "1200446", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1200446" }, { "reference_url": "https://security.gentoo.org/glsa/201611-13", "reference_id": "GLSA-201611-13", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201611-13" } ], "fixed_packages": [], "aliases": [ "CVE-2015-1609" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x8e4-h85b-4bcr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/67093?format=api", "vulnerability_id": "VCID-ypcp-uwrr-8ydf", "summary": "foreman: edit_users permission allows changing of admin passwords", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3235.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3235.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3235", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0057", "scoring_system": "epss", "scoring_elements": "0.68895", "published_at": "2026-05-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3235" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1232366", "reference_id": "1232366", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1232366" } ], "fixed_packages": [], "aliases": [ "CVE-2015-3235" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ypcp-uwrr-8ydf" } ], "fixing_vulnerabilities": [], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ipxe@20130517-7.1fm.gitc4bce43%3Farch=el6sat" }