{"url":"http://public2.vulnerablecode.io/api/packages/934322?format=json","purl":"pkg:deb/debian/pacemaker@2.1.5-1%2Bdeb12u1?distro=trixie","type":"deb","namespace":"debian","name":"pacemaker","version":"2.1.5-1+deb12u1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"3.0.0-2","latest_non_vulnerable_version":"3.0.1-1.1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40851?format=json","vulnerability_id":"VCID-327t-taks-fbb3","summary":"Multiple vulnerabilities have been found in Pacemaker, the worst of which could result in root privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3885.json","reference_id":"","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-3885.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3885","reference_id":"","reference_type":"","scores":[{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.3451","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34729","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34755","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34632","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34676","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34704","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34707","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34669","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34645","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34682","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34667","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34628","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.3439","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34372","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34287","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00143","scoring_system":"epss","scoring_elements":"0.34155","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-3885"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3885","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3885"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1694554","reference_id":"1694554","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1694554"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927714","reference_id":"927714","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927714"},{"reference_url":"https://security.gentoo.org/glsa/202309-09","reference_id":"GLSA-202309-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1278","reference_id":"RHSA-2019:1278","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1278"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1279","reference_id":"RHSA-2019:1279","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1279"},{"reference_url":"https://usn.ubuntu.com/3952-1/","reference_id":"USN-3952-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3952-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/934332?format=json","purl":"pkg:deb/debian/pacemaker@2.0.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.0.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934324?format=json","purl":"pkg:deb/debian/pacemaker@2.0.5-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.0.5-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934322?format=json","purl":"pkg:deb/debian/pacemaker@2.1.5-1%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.1.5-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934326?format=json","purl":"pkg:deb/debian/pacemaker@3.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934325?format=json","purl":"pkg:deb/debian/pacemaker@3.0.1-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.1-1.1%3Fdistro=trixie"}],"aliases":["CVE-2019-3885"],"risk_score":1.5,"exploitability":"0.5","weighted_severity":"3.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-327t-taks-fbb3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40852?format=json","vulnerability_id":"VCID-92ea-qdzb-6ffa","summary":"Multiple vulnerabilities have been found in Pacemaker, the worst of which could result in root privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25654.json","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25654.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25654","reference_id":"","reference_type":"","scores":[{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24888","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24967","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.25008","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24782","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.2485","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24894","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.2491","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24871","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24815","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24827","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.2482","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24798","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24738","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24727","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24683","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00086","scoring_system":"epss","scoring_elements":"0.24562","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25654"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25654","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25654"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1888191","reference_id":"1888191","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1888191"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973254","reference_id":"973254","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=973254"},{"reference_url":"https://security.gentoo.org/glsa/202309-09","reference_id":"GLSA-202309-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5423","reference_id":"RHSA-2020:5423","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5423"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5453","reference_id":"RHSA-2020:5453","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5453"},{"reference_url":"https://access.redhat.com/errata/RHSA-2020:5487","reference_id":"RHSA-2020:5487","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2020:5487"},{"reference_url":"https://usn.ubuntu.com/4623-1/","reference_id":"USN-4623-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4623-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/934333?format=json","purl":"pkg:deb/debian/pacemaker@2.0.5~rc2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.0.5~rc2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934324?format=json","purl":"pkg:deb/debian/pacemaker@2.0.5-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.0.5-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934322?format=json","purl":"pkg:deb/debian/pacemaker@2.1.5-1%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.1.5-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934326?format=json","purl":"pkg:deb/debian/pacemaker@3.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934325?format=json","purl":"pkg:deb/debian/pacemaker@3.0.1-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.1-1.1%3Fdistro=trixie"}],"aliases":["CVE-2020-25654"],"risk_score":3.2,"exploitability":"0.5","weighted_severity":"6.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-92ea-qdzb-6ffa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/87732?format=json","vulnerability_id":"VCID-a2tm-n6s5-fqh2","summary":"cluster-glue: passes the stonith parameters via the commandline which could result in password leaks","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2496.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2010-2496.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2496","reference_id":"","reference_type":"","scores":[{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12376","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12484","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12528","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12335","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12415","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12466","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12473","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12435","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12395","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12295","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12294","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12399","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12365","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12254","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12169","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-2496"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2496","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2496"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1974363","reference_id":"1974363","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1974363"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/934323?format=json","purl":"pkg:deb/debian/pacemaker@1.1.13-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@1.1.13-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934324?format=json","purl":"pkg:deb/debian/pacemaker@2.0.5-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.0.5-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934322?format=json","purl":"pkg:deb/debian/pacemaker@2.1.5-1%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.1.5-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934326?format=json","purl":"pkg:deb/debian/pacemaker@3.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934325?format=json","purl":"pkg:deb/debian/pacemaker@3.0.1-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.1-1.1%3Fdistro=trixie"}],"aliases":["CVE-2010-2496"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a2tm-n6s5-fqh2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40850?format=json","vulnerability_id":"VCID-bsg7-97m3-5qee","summary":"Multiple vulnerabilities have been found in Pacemaker, the worst of which could result in root privilege escalation.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00012.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00012.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00034.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00034.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16878.json","reference_id":"","reference_type":"","scores":[{"value":"6.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16878.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16878","reference_id":"","reference_type":"","scores":[{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05838","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06144","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06064","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06087","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06117","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.06125","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05871","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05905","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05897","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05936","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05975","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05956","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05947","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05938","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05903","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00022","scoring_system":"epss","scoring_elements":"0.05913","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16878"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16878","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16878"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16878","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16878"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/ClusterLabs/pacemaker/pull/1749","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ClusterLabs/pacemaker/pull/1749"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/01/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2021/01/msg00007.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3GCWFO7GL6MBU6C4BGFO3P6L77DIBBF3/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3GCWFO7GL6MBU6C4BGFO3P6L77DIBBF3/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FY4M4RMIG2POKC6OOFQODGKPRYXHET2F/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FY4M4RMIG2POKC6OOFQODGKPRYXHET2F/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HR6QUYGML735EI3HEEHYRDW7EG73BUH2/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HR6QUYGML735EI3HEEHYRDW7EG73BUH2/"},{"reference_url":"http://www.securityfocus.com/bid/108039","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/108039"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1657962","reference_id":"1657962","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1657962"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927714","reference_id":"927714","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927714"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clusterlabs:pacemaker:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clusterlabs:pacemaker:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clusterlabs:pacemaker:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_aus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_aus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_aus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_aus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_aus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_aus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_aus:8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_aus:8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_aus:8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_tus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_tus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_tus:8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_tus:8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16878","reference_id":"CVE-2018-16878","reference_type":"","scores":[{"value":"2.1","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:N/I:N/A:P"},{"value":"6.2","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16878"},{"reference_url":"https://security.gentoo.org/glsa/202309-09","reference_id":"GLSA-202309-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1278","reference_id":"RHSA-2019:1278","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1278"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1279","reference_id":"RHSA-2019:1279","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1279"},{"reference_url":"https://usn.ubuntu.com/3952-1/","reference_id":"USN-3952-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3952-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/934332?format=json","purl":"pkg:deb/debian/pacemaker@2.0.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.0.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934324?format=json","purl":"pkg:deb/debian/pacemaker@2.0.5-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.0.5-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934322?format=json","purl":"pkg:deb/debian/pacemaker@2.1.5-1%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.1.5-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934326?format=json","purl":"pkg:deb/debian/pacemaker@3.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934325?format=json","purl":"pkg:deb/debian/pacemaker@3.0.1-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.1-1.1%3Fdistro=trixie"}],"aliases":["CVE-2018-16878"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bsg7-97m3-5qee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47970?format=json","vulnerability_id":"VCID-gye7-542g-9bg7","summary":"Multiple vulnerabilities have been found in Pacemaker, the worst of\n    which could result in the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7035.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7035.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7035","reference_id":"","reference_type":"","scores":[{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28197","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28269","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28312","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28102","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28168","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28211","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28218","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28175","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28117","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28129","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28111","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.28067","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27986","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27874","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27797","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00103","scoring_system":"epss","scoring_elements":"0.27626","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7035"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7035","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7035"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:S/C:C/I:C/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1369732","reference_id":"1369732","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1369732"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=843041","reference_id":"843041","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=843041"},{"reference_url":"https://security.gentoo.org/glsa/201710-08","reference_id":"GLSA-201710-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-08"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2614","reference_id":"RHSA-2016:2614","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2675","reference_id":"RHSA-2016:2675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2675"},{"reference_url":"https://usn.ubuntu.com/3462-1/","reference_id":"USN-3462-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3462-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/934330?format=json","purl":"pkg:deb/debian/pacemaker@1.1.15-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@1.1.15-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934324?format=json","purl":"pkg:deb/debian/pacemaker@2.0.5-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.0.5-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934322?format=json","purl":"pkg:deb/debian/pacemaker@2.1.5-1%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.1.5-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934326?format=json","purl":"pkg:deb/debian/pacemaker@3.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934325?format=json","purl":"pkg:deb/debian/pacemaker@3.0.1-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.1-1.1%3Fdistro=trixie"}],"aliases":["CVE-2016-7035"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-gye7-542g-9bg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/47969?format=json","vulnerability_id":"VCID-pvn9-c4dp-xbd7","summary":"Multiple vulnerabilities have been found in Pacemaker, the worst of\n    which could result in the execution of arbitrary code.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1867.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1867.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1867","reference_id":"","reference_type":"","scores":[{"value":"0.00714","scoring_system":"epss","scoring_elements":"0.72285","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00714","scoring_system":"epss","scoring_elements":"0.72291","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00714","scoring_system":"epss","scoring_elements":"0.7231","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00714","scoring_system":"epss","scoring_elements":"0.72287","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00714","scoring_system":"epss","scoring_elements":"0.72325","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00714","scoring_system":"epss","scoring_elements":"0.72337","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00714","scoring_system":"epss","scoring_elements":"0.7236","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00714","scoring_system":"epss","scoring_elements":"0.72344","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00714","scoring_system":"epss","scoring_elements":"0.72332","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00714","scoring_system":"epss","scoring_elements":"0.72373","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00714","scoring_system":"epss","scoring_elements":"0.72383","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00714","scoring_system":"epss","scoring_elements":"0.7237","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00714","scoring_system":"epss","scoring_elements":"0.72413","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00714","scoring_system":"epss","scoring_elements":"0.72422","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00714","scoring_system":"epss","scoring_elements":"0.72418","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00714","scoring_system":"epss","scoring_elements":"0.7241","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2015-1867"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1211370","reference_id":"1211370","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1211370"},{"reference_url":"https://security.gentoo.org/glsa/201710-08","reference_id":"GLSA-201710-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201710-08"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:1424","reference_id":"RHSA-2015:1424","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:1424"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:2383","reference_id":"RHSA-2015:2383","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:2383"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/934329?format=json","purl":"pkg:deb/debian/pacemaker@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934324?format=json","purl":"pkg:deb/debian/pacemaker@2.0.5-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.0.5-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934322?format=json","purl":"pkg:deb/debian/pacemaker@2.1.5-1%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.1.5-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934326?format=json","purl":"pkg:deb/debian/pacemaker@3.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934325?format=json","purl":"pkg:deb/debian/pacemaker@3.0.1-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.1-1.1%3Fdistro=trixie"}],"aliases":["CVE-2015-1867"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pvn9-c4dp-xbd7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/86785?format=json","vulnerability_id":"VCID-q1r7-byck-f3fs","summary":"pacemaker: remote DoS when CIB management is enabled caused by use of blocking sockets","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0281.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0281.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0281","reference_id":"","reference_type":"","scores":[{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71267","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71275","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71292","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71309","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71322","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71345","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.7133","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71313","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71359","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71365","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71344","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71398","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71406","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71409","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00669","scoring_system":"epss","scoring_elements":"0.71396","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0281"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0281","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0281"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700923","reference_id":"700923","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700923"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=891922","reference_id":"891922","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=891922"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:1635","reference_id":"RHSA-2013:1635","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:1635"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/934328?format=json","purl":"pkg:deb/debian/pacemaker@1.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@1.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934324?format=json","purl":"pkg:deb/debian/pacemaker@2.0.5-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.0.5-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934322?format=json","purl":"pkg:deb/debian/pacemaker@2.1.5-1%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.1.5-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934326?format=json","purl":"pkg:deb/debian/pacemaker@3.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934325?format=json","purl":"pkg:deb/debian/pacemaker@3.0.1-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.1-1.1%3Fdistro=trixie"}],"aliases":["CVE-2013-0281"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q1r7-byck-f3fs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/85321?format=json","vulnerability_id":"VCID-w5rz-ney4-8uap","summary":"pacemaker: pacemaker remote nodes vulnerable to hijacking, resulting in a DoS attack","references":[{"reference_url":"http://bugs.clusterlabs.org/show_bug.cgi?id=5269","reference_id":"","reference_type":"","scores":[],"url":"http://bugs.clusterlabs.org/show_bug.cgi?id=5269"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-11/msg00038.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-11/msg00038.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00001.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00001.html"},{"reference_url":"http://lists.opensuse.org/opensuse-updates/2016-12/msg00077.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-updates/2016-12/msg00077.html"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2016-2578.html","reference_id":"","reference_type":"","scores":[],"url":"http://rhn.redhat.com/errata/RHSA-2016-2578.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7797.json","reference_id":"","reference_type":"","scores":[{"value":"8.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-7797.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7797","reference_id":"","reference_type":"","scores":[{"value":"0.02415","scoring_system":"epss","scoring_elements":"0.85036","published_at":"2026-04-01T12:55:00Z"},{"value":"0.02415","scoring_system":"epss","scoring_elements":"0.85174","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02415","scoring_system":"epss","scoring_elements":"0.85154","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02415","scoring_system":"epss","scoring_elements":"0.85163","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02415","scoring_system":"epss","scoring_elements":"0.8516","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02415","scoring_system":"epss","scoring_elements":"0.85049","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02415","scoring_system":"epss","scoring_elements":"0.85066","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02415","scoring_system":"epss","scoring_elements":"0.85071","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02415","scoring_system":"epss","scoring_elements":"0.85093","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02415","scoring_system":"epss","scoring_elements":"0.851","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02415","scoring_system":"epss","scoring_elements":"0.85115","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02415","scoring_system":"epss","scoring_elements":"0.85113","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02415","scoring_system":"epss","scoring_elements":"0.8511","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02415","scoring_system":"epss","scoring_elements":"0.85131","published_at":"2026-04-21T12:55:00Z"},{"value":"0.02415","scoring_system":"epss","scoring_elements":"0.85134","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2016-7797"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7797","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7797"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:C"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/ClusterLabs/pacemaker/commit/5ec24a2642bd0854b884d1a9b51d12371373b410","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ClusterLabs/pacemaker/commit/5ec24a2642bd0854b884d1a9b51d12371373b410"},{"reference_url":"http://www.openwall.com/lists/oss-security/2016/10/01/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2016/10/01/1"},{"reference_url":"http://www.securityfocus.com/bid/93261","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/93261"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1379784","reference_id":"1379784","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1379784"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clusterlabs:pacemaker:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clusterlabs:pacemaker:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clusterlabs:pacemaker:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse_project:leap:42.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse_project:leap:42.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse_project:leap:42.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_high_availability:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_high_availability:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_high_availability:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_resilient_storage:7.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_resilient_storage:7.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_resilient_storage:7.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_high_availability:12:sp2:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_high_availability:12:sp2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_high_availability:12:sp2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp2:*:*:*:*:*:*","reference_id":"cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp2:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:sp2:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2016-7797","reference_id":"CVE-2016-7797","reference_type":"","scores":[{"value":"5.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:N/I:N/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2016-7797"},{"reference_url":"https://access.redhat.com/errata/RHSA-2016:2578","reference_id":"RHSA-2016:2578","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2016:2578"},{"reference_url":"https://usn.ubuntu.com/3462-1/","reference_id":"USN-3462-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3462-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/934331?format=json","purl":"pkg:deb/debian/pacemaker@1.1.15~rc3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@1.1.15~rc3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934324?format=json","purl":"pkg:deb/debian/pacemaker@2.0.5-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.0.5-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934322?format=json","purl":"pkg:deb/debian/pacemaker@2.1.5-1%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.1.5-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934326?format=json","purl":"pkg:deb/debian/pacemaker@3.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934325?format=json","purl":"pkg:deb/debian/pacemaker@3.0.1-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.1-1.1%3Fdistro=trixie"}],"aliases":["CVE-2016-7797"],"risk_score":3.9,"exploitability":"0.5","weighted_severity":"7.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w5rz-ney4-8uap"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/40849?format=json","vulnerability_id":"VCID-xzxd-afh3-t7b9","summary":"Multiple vulnerabilities have been found in Pacemaker, the worst of which could result in root privilege escalation.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00012.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00012.html"},{"reference_url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00034.html","reference_id":"","reference_type":"","scores":[],"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00034.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16877.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16877.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16877","reference_id":"","reference_type":"","scores":[{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.1205","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.1183","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12067","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12043","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12012","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.11917","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12161","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12206","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12008","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.1209","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12142","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.1215","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12113","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.12082","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.11954","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0004","scoring_system":"epss","scoring_elements":"0.11951","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16877"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16877","reference_id":"","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16877"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16877","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16877"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/ClusterLabs/pacemaker/pull/1749","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ClusterLabs/pacemaker/pull/1749"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2021/01/msg00007.html","reference_id":"","reference_type":"","scores":[],"url":"https://lists.debian.org/debian-lts-announce/2021/01/msg00007.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3GCWFO7GL6MBU6C4BGFO3P6L77DIBBF3/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3GCWFO7GL6MBU6C4BGFO3P6L77DIBBF3/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FY4M4RMIG2POKC6OOFQODGKPRYXHET2F/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FY4M4RMIG2POKC6OOFQODGKPRYXHET2F/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HR6QUYGML735EI3HEEHYRDW7EG73BUH2/","reference_id":"","reference_type":"","scores":[],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HR6QUYGML735EI3HEEHYRDW7EG73BUH2/"},{"reference_url":"http://www.securityfocus.com/bid/108042","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/108042"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1652646","reference_id":"1652646","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1652646"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927714","reference_id":"927714","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=927714"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clusterlabs:pacemaker:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clusterlabs:pacemaker:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clusterlabs:pacemaker:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16877","reference_id":"CVE-2018-16877","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16877"},{"reference_url":"https://security.gentoo.org/glsa/202309-09","reference_id":"GLSA-202309-09","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202309-09"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1278","reference_id":"RHSA-2019:1278","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1278"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1279","reference_id":"RHSA-2019:1279","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2019:1279"},{"reference_url":"https://usn.ubuntu.com/3952-1/","reference_id":"USN-3952-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/3952-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/934332?format=json","purl":"pkg:deb/debian/pacemaker@2.0.1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.0.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934324?format=json","purl":"pkg:deb/debian/pacemaker@2.0.5-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.0.5-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934322?format=json","purl":"pkg:deb/debian/pacemaker@2.1.5-1%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.1.5-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934326?format=json","purl":"pkg:deb/debian/pacemaker@3.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934325?format=json","purl":"pkg:deb/debian/pacemaker@3.0.1-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.1-1.1%3Fdistro=trixie"}],"aliases":["CVE-2018-16877"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xzxd-afh3-t7b9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/90623?format=json","vulnerability_id":"VCID-zjzt-yztd-c7db","summary":"Pacemaker before 1.1.6 configure script creates temporary files insecurely","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-5271.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2011-5271.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-5271","reference_id":"","reference_type":"","scores":[{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61325","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61373","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61227","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61306","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61335","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61303","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.6135","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61366","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61386","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61372","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61353","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61392","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61396","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61375","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61364","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0041","scoring_system":"epss","scoring_elements":"0.61379","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-5271"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5271","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5271"},{"reference_url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/91120","reference_id":"","reference_type":"","scores":[],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/91120"},{"reference_url":"https://security-tracker.debian.org/tracker/CVE-2011-5271","reference_id":"","reference_type":"","scores":[],"url":"https://security-tracker.debian.org/tracker/CVE-2011-5271"},{"reference_url":"http://www.openwall.com/lists/oss-security/2014/02/11/1","reference_id":"","reference_type":"","scores":[],"url":"http://www.openwall.com/lists/oss-security/2014/02/11/1"},{"reference_url":"http://www.securityfocus.com/bid/65472","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/65472"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=633964","reference_id":"633964","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=633964"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clusterlabs:pacemaker:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:clusterlabs:pacemaker:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:clusterlabs:pacemaker:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2011-5271","reference_id":"CVE-2011-5271","reference_type":"","scores":[{"value":"3.3","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:M/Au:N/C:N/I:P/A:P"},{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2011-5271"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/934327?format=json","purl":"pkg:deb/debian/pacemaker@1.1.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@1.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934324?format=json","purl":"pkg:deb/debian/pacemaker@2.0.5-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.0.5-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934322?format=json","purl":"pkg:deb/debian/pacemaker@2.1.5-1%2Bdeb12u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.1.5-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934326?format=json","purl":"pkg:deb/debian/pacemaker@3.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934325?format=json","purl":"pkg:deb/debian/pacemaker@3.0.1-1.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@3.0.1-1.1%3Fdistro=trixie"}],"aliases":["CVE-2011-5271"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zjzt-yztd-c7db"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/pacemaker@2.1.5-1%252Bdeb12u1%3Fdistro=trixie"}