Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:gem/awesome_spawn@1.0.0
Typegem
Namespace
Nameawesome_spawn
Version1.0.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version1.2.0
Latest_non_vulnerable_version1.2.0
Affected_by_vulnerabilities
0
url VCID-4ww2-6mxp-c3hd
vulnerability_id VCID-4ww2-6mxp-c3hd
summary 
OS command injection flaw in awesome_spawn
Awesome spawn contains an OS command injection vulnerability, which allows execution of additional commands passed to Awesome spawn as arguments. If untrusted input is included in command arguments, an attacker could use this flaw to execute arbitrary commands.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0156.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0156.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0156
reference_id
reference_type
scores
0
value 0.01367
scoring_system epss
scoring_elements 0.80553
published_at 2026-06-08T12:55:00Z
1
value 0.01367
scoring_system epss
scoring_elements 0.80557
published_at 2026-06-07T12:55:00Z
2
value 0.01367
scoring_system epss
scoring_elements 0.8056
published_at 2026-06-06T12:55:00Z
3
value 0.01367
scoring_system epss
scoring_elements 0.80558
published_at 2026-06-05T12:55:00Z
4
value 0.01367
scoring_system epss
scoring_elements 0.80531
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0156
2
reference_url https://github.com/ManageIQ/awesome_spawn
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/ManageIQ/awesome_spawn
3
reference_url https://github.com/ManageIQ/awesome_spawn/commit/e524f85f1c6e292ef7d117d7818521307ac269ff
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements
1
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/ManageIQ/awesome_spawn/commit/e524f85f1c6e292ef7d117d7818521307ac269ff
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0156
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0156
5
reference_url https://rubysec.com/advisories/CVE-2014-0156
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://rubysec.com/advisories/CVE-2014-0156
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2102827
reference_id 2102827
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2102827
7
reference_url https://rubysec.com/advisories/CVE-2014-0156/
reference_id CVE-2014-0156
reference_type
scores
url https://rubysec.com/advisories/CVE-2014-0156/
8
reference_url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/awesome_spawn/CVE-2014-0156.yml
reference_id CVE-2014-0156.YML
reference_type
scores
url https://github.com/rubysec/ruby-advisory-db/blob/master/gems/awesome_spawn/CVE-2014-0156.yml
9
reference_url https://github.com/advisories/GHSA-qpqw-mc85-qvm9
reference_id GHSA-qpqw-mc85-qvm9
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qpqw-mc85-qvm9
fixed_packages
0
url pkg:gem/awesome_spawn@1.2.0
purl pkg:gem/awesome_spawn@1.2.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:gem/awesome_spawn@1.2.0
aliases CVE-2014-0156, GHSA-qpqw-mc85-qvm9
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4ww2-6mxp-c3hd
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:gem/awesome_spawn@1.0.0