Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/934322?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/934322?format=api", "purl": "pkg:deb/debian/pacemaker@2.1.5-1%2Bdeb12u1?distro=trixie", "type": "deb", "namespace": "debian", "name": "pacemaker", "version": "2.1.5-1+deb12u1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "3.0.0-2", "latest_non_vulnerable_version": "3.0.1-1.1", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40851?format=api", "vulnerability_id": "VCID-327t-taks-fbb3", "summary": "Multiple vulnerabilities have been found in Pacemaker, the worst of which could result in root privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3885.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3885.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3885", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.3451", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34729", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34755", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34632", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34676", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34704", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34707", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34669", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34645", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34682", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34667", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34628", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.3439", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34372", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34287", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00143", "scoring_system": "epss", "scoring_elements": "0.34155", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-3885" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3885", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3885" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694554", "reference_id": "1694554", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1694554" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927714", "reference_id": "927714", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927714" }, { "reference_url": "https://security.gentoo.org/glsa/202309-09", "reference_id": "GLSA-202309-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1278", "reference_id": "RHSA-2019:1278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1279", "reference_id": "RHSA-2019:1279", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1279" }, { "reference_url": "https://usn.ubuntu.com/3952-1/", "reference_id": "USN-3952-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3952-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934332?format=api", "purl": "pkg:deb/debian/pacemaker@2.0.1-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.0.1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934324?format=api", "purl": "pkg:deb/debian/pacemaker@2.0.5-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.0.5-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934322?format=api", "purl": "pkg:deb/debian/pacemaker@2.1.5-1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.1.5-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934326?format=api", "purl": "pkg:deb/debian/pacemaker@3.0.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934325?format=api", "purl": "pkg:deb/debian/pacemaker@3.0.1-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.1-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2019-3885" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-327t-taks-fbb3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40852?format=api", "vulnerability_id": "VCID-92ea-qdzb-6ffa", "summary": "Multiple vulnerabilities have been found in Pacemaker, the worst of which could result in root privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25654.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25654.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25654", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24888", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24967", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.25008", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24782", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.2485", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24894", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.2491", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24871", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24815", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24827", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.2482", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24798", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24738", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24727", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24683", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24562", "published_at": "2026-05-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25654" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25654" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1888191", "reference_id": "1888191", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1888191" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973254", "reference_id": "973254", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973254" }, { "reference_url": "https://security.gentoo.org/glsa/202309-09", "reference_id": "GLSA-202309-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5423", "reference_id": "RHSA-2020:5423", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5423" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5453", "reference_id": "RHSA-2020:5453", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5453" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2020:5487", "reference_id": "RHSA-2020:5487", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2020:5487" }, { "reference_url": "https://usn.ubuntu.com/4623-1/", "reference_id": "USN-4623-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4623-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934333?format=api", "purl": "pkg:deb/debian/pacemaker@2.0.5~rc2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.0.5~rc2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934324?format=api", "purl": "pkg:deb/debian/pacemaker@2.0.5-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.0.5-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934322?format=api", "purl": "pkg:deb/debian/pacemaker@2.1.5-1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.1.5-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934326?format=api", "purl": "pkg:deb/debian/pacemaker@3.0.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934325?format=api", "purl": "pkg:deb/debian/pacemaker@3.0.1-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.1-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2020-25654" ], "risk_score": 3.2, "exploitability": "0.5", "weighted_severity": "6.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-92ea-qdzb-6ffa" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/87732?format=api", "vulnerability_id": "VCID-a2tm-n6s5-fqh2", "summary": "cluster-glue: passes the stonith parameters via the commandline which could result in password leaks", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2496.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2496.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2496", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12376", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12484", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12528", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12335", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12415", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12466", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12473", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12435", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12395", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12295", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12294", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12399", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12365", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12254", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12169", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12305", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2496" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2496", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2496" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974363", "reference_id": "1974363", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1974363" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934323?format=api", "purl": "pkg:deb/debian/pacemaker@1.1.13-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@1.1.13-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934324?format=api", "purl": "pkg:deb/debian/pacemaker@2.0.5-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.0.5-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934322?format=api", "purl": "pkg:deb/debian/pacemaker@2.1.5-1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.1.5-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934326?format=api", "purl": "pkg:deb/debian/pacemaker@3.0.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934325?format=api", "purl": "pkg:deb/debian/pacemaker@3.0.1-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.1-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2010-2496" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a2tm-n6s5-fqh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40850?format=api", "vulnerability_id": "VCID-bsg7-97m3-5qee", "summary": "Multiple vulnerabilities have been found in Pacemaker, the worst of which could result in root privilege escalation.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00012.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00012.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00034.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00034.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16878.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16878.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16878", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05838", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06244", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06087", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06117", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06125", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06144", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05871", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05905", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05897", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05936", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05975", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05956", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05947", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05938", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05903", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.05913", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00022", "scoring_system": "epss", "scoring_elements": "0.06064", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16878" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16878", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16878" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16878", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16878" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ClusterLabs/pacemaker/pull/1749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/ClusterLabs/pacemaker/pull/1749" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00007.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3GCWFO7GL6MBU6C4BGFO3P6L77DIBBF3/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3GCWFO7GL6MBU6C4BGFO3P6L77DIBBF3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FY4M4RMIG2POKC6OOFQODGKPRYXHET2F/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FY4M4RMIG2POKC6OOFQODGKPRYXHET2F/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HR6QUYGML735EI3HEEHYRDW7EG73BUH2/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HR6QUYGML735EI3HEEHYRDW7EG73BUH2/" }, { "reference_url": "http://www.securityfocus.com/bid/108039", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/108039" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1657962", "reference_id": "1657962", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1657962" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927714", "reference_id": "927714", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927714" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clusterlabs:pacemaker:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:clusterlabs:pacemaker:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clusterlabs:pacemaker:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_aus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_aus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_aus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_aus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_aus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_aus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_aus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_aus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_aus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_tus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_tus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_tus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16878", "reference_id": "CVE-2018-16878", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "6.2", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16878" }, { "reference_url": "https://security.gentoo.org/glsa/202309-09", "reference_id": "GLSA-202309-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1278", "reference_id": "RHSA-2019:1278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1279", "reference_id": "RHSA-2019:1279", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1279" }, { "reference_url": "https://usn.ubuntu.com/3952-1/", "reference_id": "USN-3952-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3952-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934332?format=api", "purl": "pkg:deb/debian/pacemaker@2.0.1-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.0.1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934324?format=api", "purl": "pkg:deb/debian/pacemaker@2.0.5-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.0.5-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934322?format=api", "purl": "pkg:deb/debian/pacemaker@2.1.5-1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.1.5-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934326?format=api", "purl": "pkg:deb/debian/pacemaker@3.0.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934325?format=api", "purl": "pkg:deb/debian/pacemaker@3.0.1-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.1-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-16878" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bsg7-97m3-5qee" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47970?format=api", "vulnerability_id": "VCID-gye7-542g-9bg7", "summary": "Multiple vulnerabilities have been found in Pacemaker, the worst of\n which could result in the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7035.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7035.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7035", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28197", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28269", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28312", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28102", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28168", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28211", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28218", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28175", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28117", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28129", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28111", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.28067", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.27986", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.27874", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.27797", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.27626", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00103", "scoring_system": "epss", "scoring_elements": "0.27688", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7035" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7035", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7035" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:S/C:C/I:C/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369732", "reference_id": "1369732", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1369732" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=843041", "reference_id": "843041", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=843041" }, { "reference_url": "https://security.gentoo.org/glsa/201710-08", "reference_id": "GLSA-201710-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2614", "reference_id": "RHSA-2016:2614", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2614" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2675", "reference_id": "RHSA-2016:2675", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2675" }, { "reference_url": "https://usn.ubuntu.com/3462-1/", "reference_id": "USN-3462-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3462-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934330?format=api", "purl": "pkg:deb/debian/pacemaker@1.1.15-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@1.1.15-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934324?format=api", "purl": "pkg:deb/debian/pacemaker@2.0.5-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.0.5-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934322?format=api", "purl": "pkg:deb/debian/pacemaker@2.1.5-1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.1.5-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934326?format=api", "purl": "pkg:deb/debian/pacemaker@3.0.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934325?format=api", "purl": "pkg:deb/debian/pacemaker@3.0.1-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.1-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-7035" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gye7-542g-9bg7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/47969?format=api", "vulnerability_id": "VCID-pvn9-c4dp-xbd7", "summary": "Multiple vulnerabilities have been found in Pacemaker, the worst of\n which could result in the execution of arbitrary code.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1867.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1867.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1867", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00714", "scoring_system": "epss", "scoring_elements": "0.72285", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00714", "scoring_system": "epss", "scoring_elements": "0.72291", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00714", "scoring_system": "epss", "scoring_elements": "0.7231", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00714", "scoring_system": "epss", "scoring_elements": "0.72287", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00714", "scoring_system": "epss", "scoring_elements": "0.72325", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00714", "scoring_system": "epss", "scoring_elements": "0.72337", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00714", "scoring_system": "epss", "scoring_elements": "0.7236", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00714", "scoring_system": "epss", "scoring_elements": "0.72344", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00714", "scoring_system": "epss", "scoring_elements": "0.72332", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00714", "scoring_system": "epss", "scoring_elements": "0.72373", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00714", "scoring_system": "epss", "scoring_elements": "0.72383", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00714", "scoring_system": "epss", "scoring_elements": "0.7237", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00714", "scoring_system": "epss", "scoring_elements": "0.72413", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00714", "scoring_system": "epss", "scoring_elements": "0.72422", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00714", "scoring_system": "epss", "scoring_elements": "0.72418", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00714", "scoring_system": "epss", "scoring_elements": "0.7241", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00714", "scoring_system": "epss", "scoring_elements": "0.72439", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1867" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211370", "reference_id": "1211370", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1211370" }, { "reference_url": "https://security.gentoo.org/glsa/201710-08", "reference_id": "GLSA-201710-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201710-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1424", "reference_id": "RHSA-2015:1424", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1424" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2383", "reference_id": "RHSA-2015:2383", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2383" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934329?format=api", "purl": "pkg:deb/debian/pacemaker@0?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@0%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934324?format=api", "purl": "pkg:deb/debian/pacemaker@2.0.5-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.0.5-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934322?format=api", "purl": "pkg:deb/debian/pacemaker@2.1.5-1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.1.5-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934326?format=api", "purl": "pkg:deb/debian/pacemaker@3.0.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934325?format=api", "purl": "pkg:deb/debian/pacemaker@3.0.1-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.1-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2015-1867" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pvn9-c4dp-xbd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86785?format=api", "vulnerability_id": "VCID-q1r7-byck-f3fs", "summary": "pacemaker: remote DoS when CIB management is enabled caused by use of blocking sockets", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0281.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0281.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0281", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00669", "scoring_system": "epss", "scoring_elements": "0.71267", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00669", "scoring_system": "epss", "scoring_elements": "0.71275", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00669", "scoring_system": "epss", "scoring_elements": "0.71292", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00669", "scoring_system": "epss", "scoring_elements": "0.71309", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00669", "scoring_system": "epss", "scoring_elements": "0.71322", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00669", "scoring_system": "epss", "scoring_elements": "0.71345", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00669", "scoring_system": "epss", "scoring_elements": "0.7133", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00669", "scoring_system": "epss", "scoring_elements": "0.71313", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00669", "scoring_system": "epss", "scoring_elements": "0.71359", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00669", "scoring_system": "epss", "scoring_elements": "0.71365", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00669", "scoring_system": "epss", "scoring_elements": "0.71344", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00669", "scoring_system": "epss", "scoring_elements": "0.71398", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00669", "scoring_system": "epss", "scoring_elements": "0.71406", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00669", "scoring_system": "epss", "scoring_elements": "0.71409", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00669", "scoring_system": "epss", "scoring_elements": "0.71396", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00669", "scoring_system": "epss", "scoring_elements": "0.71432", "published_at": "2026-05-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0281" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0281", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0281" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700923", "reference_id": "700923", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700923" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=891922", "reference_id": "891922", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=891922" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1635", "reference_id": "RHSA-2013:1635", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1635" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934328?format=api", "purl": "pkg:deb/debian/pacemaker@1.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@1.1.10-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934324?format=api", "purl": "pkg:deb/debian/pacemaker@2.0.5-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.0.5-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934322?format=api", "purl": "pkg:deb/debian/pacemaker@2.1.5-1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.1.5-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934326?format=api", "purl": "pkg:deb/debian/pacemaker@3.0.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934325?format=api", "purl": "pkg:deb/debian/pacemaker@3.0.1-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.1-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2013-0281" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q1r7-byck-f3fs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/85321?format=api", "vulnerability_id": "VCID-w5rz-ney4-8uap", "summary": "pacemaker: pacemaker remote nodes vulnerable to hijacking, resulting in a DoS attack", "references": [ { "reference_url": "http://bugs.clusterlabs.org/show_bug.cgi?id=5269", "reference_id": "", "reference_type": "", "scores": [], "url": "http://bugs.clusterlabs.org/show_bug.cgi?id=5269" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-11/msg00038.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-11/msg00038.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00001.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00001.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00077.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00077.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-2578.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-2578.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7797.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7797.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7797", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02415", "scoring_system": "epss", "scoring_elements": "0.85036", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.02415", "scoring_system": "epss", "scoring_elements": "0.85199", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.02415", "scoring_system": "epss", "scoring_elements": "0.85163", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.02415", "scoring_system": "epss", "scoring_elements": "0.8516", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.02415", "scoring_system": "epss", "scoring_elements": "0.85174", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.02415", "scoring_system": "epss", "scoring_elements": "0.85049", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.02415", "scoring_system": "epss", "scoring_elements": "0.85066", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.02415", "scoring_system": "epss", "scoring_elements": "0.85071", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.02415", "scoring_system": "epss", "scoring_elements": "0.85093", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.02415", "scoring_system": "epss", "scoring_elements": "0.851", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.02415", "scoring_system": "epss", "scoring_elements": "0.85115", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.02415", "scoring_system": "epss", "scoring_elements": "0.85113", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.02415", "scoring_system": "epss", "scoring_elements": "0.8511", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.02415", "scoring_system": "epss", "scoring_elements": "0.85131", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.02415", "scoring_system": "epss", "scoring_elements": "0.85134", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.02415", "scoring_system": "epss", "scoring_elements": "0.85154", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-7797" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7797", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7797" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ClusterLabs/pacemaker/commit/5ec24a2642bd0854b884d1a9b51d12371373b410", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/ClusterLabs/pacemaker/commit/5ec24a2642bd0854b884d1a9b51d12371373b410" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2016/10/01/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2016/10/01/1" }, { "reference_url": "http://www.securityfocus.com/bid/93261", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/93261" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379784", "reference_id": "1379784", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1379784" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clusterlabs:pacemaker:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:clusterlabs:pacemaker:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clusterlabs:pacemaker:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse_project:leap:42.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse_project:leap:42.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse_project:leap:42.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_high_availability:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_high_availability:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_high_availability:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_resilient_storage:7.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_resilient_storage:7.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_resilient_storage:7.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_high_availability:12:sp2:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_high_availability:12:sp2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_high_availability:12:sp2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp2:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp2:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp2:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7797", "reference_id": "CVE-2016-7797", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-7797" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:2578", "reference_id": "RHSA-2016:2578", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:2578" }, { "reference_url": "https://usn.ubuntu.com/3462-1/", "reference_id": "USN-3462-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3462-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934331?format=api", "purl": "pkg:deb/debian/pacemaker@1.1.15~rc3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@1.1.15~rc3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934324?format=api", "purl": "pkg:deb/debian/pacemaker@2.0.5-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.0.5-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934322?format=api", "purl": "pkg:deb/debian/pacemaker@2.1.5-1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.1.5-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934326?format=api", "purl": "pkg:deb/debian/pacemaker@3.0.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934325?format=api", "purl": "pkg:deb/debian/pacemaker@3.0.1-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.1-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2016-7797" ], "risk_score": 3.9, "exploitability": "0.5", "weighted_severity": "7.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w5rz-ney4-8uap" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/40849?format=api", "vulnerability_id": "VCID-xzxd-afh3-t7b9", "summary": "Multiple vulnerabilities have been found in Pacemaker, the worst of which could result in root privilege escalation.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00012.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00012.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00034.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00034.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16877.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16877.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16877", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.1205", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11967", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12043", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12012", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11917", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.1183", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12161", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12206", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12008", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.1209", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12142", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.1215", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12113", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12082", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11954", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.11951", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0004", "scoring_system": "epss", "scoring_elements": "0.12067", "published_at": "2026-04-21T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-16877" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16877" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16877", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16877" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://github.com/ClusterLabs/pacemaker/pull/1749", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/ClusterLabs/pacemaker/pull/1749" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00007.html", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.debian.org/debian-lts-announce/2021/01/msg00007.html" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3GCWFO7GL6MBU6C4BGFO3P6L77DIBBF3/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3GCWFO7GL6MBU6C4BGFO3P6L77DIBBF3/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FY4M4RMIG2POKC6OOFQODGKPRYXHET2F/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FY4M4RMIG2POKC6OOFQODGKPRYXHET2F/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HR6QUYGML735EI3HEEHYRDW7EG73BUH2/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HR6QUYGML735EI3HEEHYRDW7EG73BUH2/" }, { "reference_url": "http://www.securityfocus.com/bid/108042", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/108042" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1652646", "reference_id": "1652646", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1652646" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927714", "reference_id": "927714", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927714" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clusterlabs:pacemaker:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:clusterlabs:pacemaker:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clusterlabs:pacemaker:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16877", "reference_id": "CVE-2018-16877", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" }, { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-16877" }, { "reference_url": "https://security.gentoo.org/glsa/202309-09", "reference_id": "GLSA-202309-09", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202309-09" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1278", "reference_id": "RHSA-2019:1278", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1278" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2019:1279", "reference_id": "RHSA-2019:1279", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2019:1279" }, { "reference_url": "https://usn.ubuntu.com/3952-1/", "reference_id": "USN-3952-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/3952-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934332?format=api", "purl": "pkg:deb/debian/pacemaker@2.0.1-3?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.0.1-3%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934324?format=api", "purl": "pkg:deb/debian/pacemaker@2.0.5-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.0.5-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934322?format=api", "purl": "pkg:deb/debian/pacemaker@2.1.5-1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.1.5-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934326?format=api", "purl": "pkg:deb/debian/pacemaker@3.0.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934325?format=api", "purl": "pkg:deb/debian/pacemaker@3.0.1-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.1-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2018-16877" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xzxd-afh3-t7b9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/90623?format=api", "vulnerability_id": "VCID-zjzt-yztd-c7db", "summary": "Pacemaker before 1.1.6 configure script creates temporary files insecurely", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-5271.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-5271.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-5271", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61325", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61373", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61227", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61306", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61335", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61303", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.6135", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61366", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61386", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61372", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61353", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61392", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61396", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61375", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61364", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.0041", "scoring_system": "epss", "scoring_elements": "0.61379", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-5271" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5271", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5271" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91120", "reference_id": "", "reference_type": "", "scores": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91120" }, { "reference_url": "https://security-tracker.debian.org/tracker/CVE-2011-5271", "reference_id": "", "reference_type": "", "scores": [], "url": "https://security-tracker.debian.org/tracker/CVE-2011-5271" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2014/02/11/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2014/02/11/1" }, { "reference_url": "http://www.securityfocus.com/bid/65472", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/65472" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=633964", "reference_id": "633964", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=633964" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clusterlabs:pacemaker:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:clusterlabs:pacemaker:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clusterlabs:pacemaker:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2011-5271", "reference_id": "CVE-2011-5271", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:N/I:P/A:P" }, { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-5271" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/934327?format=api", "purl": "pkg:deb/debian/pacemaker@1.1.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@1.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934324?format=api", "purl": "pkg:deb/debian/pacemaker@2.0.5-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.0.5-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934322?format=api", "purl": "pkg:deb/debian/pacemaker@2.1.5-1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.1.5-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934326?format=api", "purl": "pkg:deb/debian/pacemaker@3.0.0-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.0-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/934325?format=api", "purl": "pkg:deb/debian/pacemaker@3.0.1-1.1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.1-1.1%3Fdistro=trixie" } ], "aliases": [ "CVE-2011-5271" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zjzt-yztd-c7db" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.1.5-1%252Bdeb12u1%3Fdistro=trixie" }