{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5802?format=json","vulnerability_id":"VCID-vyg9-hnp3-wye9","summary":"A flaw was found in openstack-mistral. By manipulating the SSH private key filename, the std.ssh action can be used to disclose the presence of arbitrary files within the filesystem of the executor running the action. Since std.ssh private_key_filename can take an absolute path, it can be used to assess whether or not a file exists on the executor's filesystem.","aliases":[{"alias":"CVE-2018-16849"},{"alias":"GHSA-fqw7-c6vr-q29m"},{"alias":"PYSEC-2018-92"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1051499?format=json","purl":"pkg:deb/debian/mistral@7.0.0-2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mistral@7.0.0-2"},{"url":"http://public2.vulnerablecode.io/api/packages/930911?format=json","purl":"pkg:deb/debian/mistral@7.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mistral@7.0.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930906?format=json","purl":"pkg:deb/debian/mistral@11.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mistral@11.0.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930904?format=json","purl":"pkg:deb/debian/mistral@15.0.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mistral@15.0.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930909?format=json","purl":"pkg:deb/debian/mistral@20.0.0-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mistral@20.0.0-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930907?format=json","purl":"pkg:deb/debian/mistral@22.0.0~rc1-3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mistral@22.0.0~rc1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/930908?format=json","purl":"pkg:deb/debian/mistral@22.0.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mistral@22.0.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/7482?format=json","purl":"pkg:pypi/mistral@7.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@7.0.1"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1051497?format=json","purl":"pkg:deb/debian/mistral@2.0.0-2~bpo8%2B1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-89jv-kym3-gqdh"},{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mistral@2.0.0-2~bpo8%252B1"},{"url":"http://public2.vulnerablecode.io/api/packages/1051498?format=json","purl":"pkg:deb/debian/mistral@3.0.0-4%2Bdeb9u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-89jv-kym3-gqdh"},{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/mistral@3.0.0-4%252Bdeb9u1"},{"url":"http://public2.vulnerablecode.io/api/packages/7420?format=json","purl":"pkg:pypi/mistral@0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@0"},{"url":"http://public2.vulnerablecode.io/api/packages/7421?format=json","purl":"pkg:pypi/mistral@0.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@0.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/7422?format=json","purl":"pkg:pypi/mistral@0.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@0.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/7423?format=json","purl":"pkg:pypi/mistral@0.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@0.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/7424?format=json","purl":"pkg:pypi/mistral@0.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@0.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/7425?format=json","purl":"pkg:pypi/mistral@0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/7426?format=json","purl":"pkg:pypi/mistral@0.1.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@0.1.1"},{"url":"http://public2.vulnerablecode.io/api/packages/7427?format=json","purl":"pkg:pypi/mistral@1.0.0.0b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@1.0.0.0b1"},{"url":"http://public2.vulnerablecode.io/api/packages/7428?format=json","purl":"pkg:pypi/mistral@1.0.0.0b2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@1.0.0.0b2"},{"url":"http://public2.vulnerablecode.io/api/packages/7429?format=json","purl":"pkg:pypi/mistral@1.0.0.0b3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@1.0.0.0b3"},{"url":"http://public2.vulnerablecode.io/api/packages/7430?format=json","purl":"pkg:pypi/mistral@1.0.0.0rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@1.0.0.0rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/7431?format=json","purl":"pkg:pypi/mistral@1.0.0.0rc2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@1.0.0.0rc2"},{"url":"http://public2.vulnerablecode.io/api/packages/7432?format=json","purl":"pkg:pypi/mistral@1.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@1.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/7433?format=json","purl":"pkg:pypi/mistral@1.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@1.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/7434?format=json","purl":"pkg:pypi/mistral@2.0.0.0b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@2.0.0.0b1"},{"url":"http://public2.vulnerablecode.io/api/packages/7435?format=json","purl":"pkg:pypi/mistral@2.0.0.0b2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@2.0.0.0b2"},{"url":"http://public2.vulnerablecode.io/api/packages/7436?format=json","purl":"pkg:pypi/mistral@2.0.0.0b3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@2.0.0.0b3"},{"url":"http://public2.vulnerablecode.io/api/packages/7437?format=json","purl":"pkg:pypi/mistral@2.0.0.0rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@2.0.0.0rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/7438?format=json","purl":"pkg:pypi/mistral@2.0.0.0rc2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@2.0.0.0rc2"},{"url":"http://public2.vulnerablecode.io/api/packages/7439?format=json","purl":"pkg:pypi/mistral@2.0.0.0rc3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@2.0.0.0rc3"},{"url":"http://public2.vulnerablecode.io/api/packages/7440?format=json","purl":"pkg:pypi/mistral@2.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@2.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/7441?format=json","purl":"pkg:pypi/mistral@3.0.0.0b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@3.0.0.0b1"},{"url":"http://public2.vulnerablecode.io/api/packages/7442?format=json","purl":"pkg:pypi/mistral@3.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@3.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/7443?format=json","purl":"pkg:pypi/mistral@4.0.0.0b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@4.0.0.0b1"},{"url":"http://public2.vulnerablecode.io/api/packages/7444?format=json","purl":"pkg:pypi/mistral@4.0.0.0b2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@4.0.0.0b2"},{"url":"http://public2.vulnerablecode.io/api/packages/7445?format=json","purl":"pkg:pypi/mistral@4.0.0.0b3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@4.0.0.0b3"},{"url":"http://public2.vulnerablecode.io/api/packages/7446?format=json","purl":"pkg:pypi/mistral@4.0.0.0rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@4.0.0.0rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/7447?format=json","purl":"pkg:pypi/mistral@4.0.0.0rc2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@4.0.0.0rc2"},{"url":"http://public2.vulnerablecode.io/api/packages/7448?format=json","purl":"pkg:pypi/mistral@4.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@4.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/7449?format=json","purl":"pkg:pypi/mistral@4.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@4.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/7450?format=json","purl":"pkg:pypi/mistral@4.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@4.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/7451?format=json","purl":"pkg:pypi/mistral@5.0.0.0b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@5.0.0.0b1"},{"url":"http://public2.vulnerablecode.io/api/packages/7452?format=json","purl":"pkg:pypi/mistral@5.0.0.0b2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@5.0.0.0b2"},{"url":"http://public2.vulnerablecode.io/api/packages/7453?format=json","purl":"pkg:pypi/mistral@5.0.0.0b3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@5.0.0.0b3"},{"url":"http://public2.vulnerablecode.io/api/packages/7454?format=json","purl":"pkg:pypi/mistral@5.0.0.0rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@5.0.0.0rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/7455?format=json","purl":"pkg:pypi/mistral@5.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@5.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/7456?format=json","purl":"pkg:pypi/mistral@5.1.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@5.1.0"},{"url":"http://public2.vulnerablecode.io/api/packages/7457?format=json","purl":"pkg:pypi/mistral@5.2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@5.2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/7458?format=json","purl":"pkg:pypi/mistral@5.2.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@5.2.1"},{"url":"http://public2.vulnerablecode.io/api/packages/7459?format=json","purl":"pkg:pypi/mistral@5.2.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@5.2.2"},{"url":"http://public2.vulnerablecode.io/api/packages/7460?format=json","purl":"pkg:pypi/mistral@5.2.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@5.2.3"},{"url":"http://public2.vulnerablecode.io/api/packages/7461?format=json","purl":"pkg:pypi/mistral@5.2.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@5.2.4"},{"url":"http://public2.vulnerablecode.io/api/packages/7462?format=json","purl":"pkg:pypi/mistral@5.2.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@5.2.5"},{"url":"http://public2.vulnerablecode.io/api/packages/7463?format=json","purl":"pkg:pypi/mistral@5.2.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@5.2.6"},{"url":"http://public2.vulnerablecode.io/api/packages/7464?format=json","purl":"pkg:pypi/mistral@5.2.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@5.2.7"},{"url":"http://public2.vulnerablecode.io/api/packages/7465?format=json","purl":"pkg:pypi/mistral@5.2.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@5.2.8"},{"url":"http://public2.vulnerablecode.io/api/packages/7466?format=json","purl":"pkg:pypi/mistral@6.0.0.0b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@6.0.0.0b1"},{"url":"http://public2.vulnerablecode.io/api/packages/7467?format=json","purl":"pkg:pypi/mistral@6.0.0.0b2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@6.0.0.0b2"},{"url":"http://public2.vulnerablecode.io/api/packages/7468?format=json","purl":"pkg:pypi/mistral@6.0.0.0b3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@6.0.0.0b3"},{"url":"http://public2.vulnerablecode.io/api/packages/7469?format=json","purl":"pkg:pypi/mistral@6.0.0.0rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@6.0.0.0rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/7470?format=json","purl":"pkg:pypi/mistral@6.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@6.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/7471?format=json","purl":"pkg:pypi/mistral@6.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@6.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/7472?format=json","purl":"pkg:pypi/mistral@6.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@6.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/7473?format=json","purl":"pkg:pypi/mistral@6.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@6.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/7474?format=json","purl":"pkg:pypi/mistral@6.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@6.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/7475?format=json","purl":"pkg:pypi/mistral@6.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@6.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/7476?format=json","purl":"pkg:pypi/mistral@6.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@6.0.6"},{"url":"http://public2.vulnerablecode.io/api/packages/7477?format=json","purl":"pkg:pypi/mistral@7.0.0.0b1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@7.0.0.0b1"},{"url":"http://public2.vulnerablecode.io/api/packages/7478?format=json","purl":"pkg:pypi/mistral@7.0.0.0b2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@7.0.0.0b2"},{"url":"http://public2.vulnerablecode.io/api/packages/7479?format=json","purl":"pkg:pypi/mistral@7.0.0.0b3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@7.0.0.0b3"},{"url":"http://public2.vulnerablecode.io/api/packages/7480?format=json","purl":"pkg:pypi/mistral@7.0.0.0rc1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@7.0.0.0rc1"},{"url":"http://public2.vulnerablecode.io/api/packages/7481?format=json","purl":"pkg:pypi/mistral@7.0.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-am12-sa1d-27ef"},{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/mistral@7.0.0"},{"url":"http://public2.vulnerablecode.io/api/packages/107224?format=json","purl":"pkg:rpm/redhat/instack-undercloud@8.4.6-6?arch=el7ost","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/instack-undercloud@8.4.6-6%3Farch=el7ost"},{"url":"http://public2.vulnerablecode.io/api/packages/107234?format=json","purl":"pkg:rpm/redhat/openstack-mistral@6.0.6-2?arch=el7ost","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openstack-mistral@6.0.6-2%3Farch=el7ost"},{"url":"http://public2.vulnerablecode.io/api/packages/107221?format=json","purl":"pkg:rpm/redhat/openstack-tripleo-common@8.6.6-16?arch=el7ost","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openstack-tripleo-common@8.6.6-16%3Farch=el7ost"},{"url":"http://public2.vulnerablecode.io/api/packages/107216?format=json","purl":"pkg:rpm/redhat/openstack-tripleo-heat-templates@8.2.0-6.1?arch=el7ost","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openstack-tripleo-heat-templates@8.2.0-6.1%3Farch=el7ost"},{"url":"http://public2.vulnerablecode.io/api/packages/107237?format=json","purl":"pkg:rpm/redhat/openstack-tripleo-image-elements@8.0.1-3?arch=el7ost","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openstack-tripleo-image-elements@8.0.1-3%3Farch=el7ost"},{"url":"http://public2.vulnerablecode.io/api/packages/107222?format=json","purl":"pkg:rpm/redhat/openstack-tripleo-puppet-elements@8.0.1-2?arch=el7ost","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openstack-tripleo-puppet-elements@8.0.1-2%3Farch=el7ost"},{"url":"http://public2.vulnerablecode.io/api/packages/107223?format=json","purl":"pkg:rpm/redhat/openstack-tripleo-ui@8.3.2-3?arch=el7ost","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openstack-tripleo-ui@8.3.2-3%3Farch=el7ost"},{"url":"http://public2.vulnerablecode.io/api/packages/107232?format=json","purl":"pkg:rpm/redhat/openstack-tripleo-validations@8.4.4-2?arch=el7ost","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openstack-tripleo-validations@8.4.4-2%3Farch=el7ost"},{"url":"http://public2.vulnerablecode.io/api/packages/107233?format=json","purl":"pkg:rpm/redhat/os-net-config@8.4.3-6?arch=el7ost","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/os-net-config@8.4.3-6%3Farch=el7ost"},{"url":"http://public2.vulnerablecode.io/api/packages/107236?format=json","purl":"pkg:rpm/redhat/os-refresh-config@8.3.1-0.20180918214345.4703b54?arch=el7ost","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/os-refresh-config@8.3.1-0.20180918214345.4703b54%3Farch=el7ost"},{"url":"http://public2.vulnerablecode.io/api/packages/107217?format=json","purl":"pkg:rpm/redhat/puppet-cinder@12.4.1-3?arch=el7ost","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/puppet-cinder@12.4.1-3%3Farch=el7ost"},{"url":"http://public2.vulnerablecode.io/api/packages/107220?format=json","purl":"pkg:rpm/redhat/puppet-keystone@12.4.0-4?arch=el7ost","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/puppet-keystone@12.4.0-4%3Farch=el7ost"},{"url":"http://public2.vulnerablecode.io/api/packages/107230?format=json","purl":"pkg:rpm/redhat/puppet-manila@12.5.0-3?arch=el7ost","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/puppet-manila@12.5.0-3%3Farch=el7ost"},{"url":"http://public2.vulnerablecode.io/api/packages/107227?format=json","purl":"pkg:rpm/redhat/puppet-neutron@12.4.1-4.ed05e01git?arch=el7ost","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/puppet-neutron@12.4.1-4.ed05e01git%3Farch=el7ost"},{"url":"http://public2.vulnerablecode.io/api/packages/107229?format=json","purl":"pkg:rpm/redhat/puppet-nova@12.4.0-16?arch=el7ost","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/puppet-nova@12.4.0-16%3Farch=el7ost"},{"url":"http://public2.vulnerablecode.io/api/packages/107235?format=json","purl":"pkg:rpm/redhat/puppet-octavia@12.4.0-8?arch=el7ost","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/puppet-octavia@12.4.0-8%3Farch=el7ost"},{"url":"http://public2.vulnerablecode.io/api/packages/107228?format=json","purl":"pkg:rpm/redhat/puppet-opendaylight@8.2.2-5.9126c8dgit?arch=el7ost","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/puppet-opendaylight@8.2.2-5.9126c8dgit%3Farch=el7ost"},{"url":"http://public2.vulnerablecode.io/api/packages/107225?format=json","purl":"pkg:rpm/redhat/puppet-ovn@12.4.0-2?arch=el7ost","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/puppet-ovn@12.4.0-2%3Farch=el7ost"},{"url":"http://public2.vulnerablecode.io/api/packages/107238?format=json","purl":"pkg:rpm/redhat/puppet-pacemaker@0.7.2-0.20180423212257?arch=el7ost","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/puppet-pacemaker@0.7.2-0.20180423212257%3Farch=el7ost"},{"url":"http://public2.vulnerablecode.io/api/packages/107218?format=json","purl":"pkg:rpm/redhat/puppet-swift@12.4.0-4?arch=el7ost","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/puppet-swift@12.4.0-4%3Farch=el7ost"},{"url":"http://public2.vulnerablecode.io/api/packages/107219?format=json","purl":"pkg:rpm/redhat/puppet-tripleo@8.3.6-15?arch=el7ost","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/puppet-tripleo@8.3.6-15%3Farch=el7ost"},{"url":"http://public2.vulnerablecode.io/api/packages/107226?format=json","purl":"pkg:rpm/redhat/python-os-brick@2.3.4-2?arch=el7ost","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-os-brick@2.3.4-2%3Farch=el7ost"},{"url":"http://public2.vulnerablecode.io/api/packages/107231?format=json","purl":"pkg:rpm/redhat/python-tripleoclient@9.2.6-8?arch=el7ost","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-vyg9-hnp3-wye9"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/python-tripleoclient@9.2.6-8%3Farch=el7ost"}],"references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16849.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16849.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16849","reference_id":"","reference_type":"","scores":[{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.3362","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33706","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34113","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33728","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34101","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.3415","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.33875","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34212","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34245","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34108","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34151","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34179","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0014","scoring_system":"epss","scoring_elements":"0.34137","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-16849"},{"reference_url":"https://bugs.launchpad.net/mistral/+bug/1783708","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugs.launchpad.net/mistral/+bug/1783708"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16849","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16849"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16849","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16849"},{"reference_url":"https://github.com/openstack/mistral","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openstack/mistral"},{"reference_url":"https://github.com/openstack/mistral/commit/2309e5265a1d5f28480ae872817b5de05f66e83c","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openstack/mistral/commit/2309e5265a1d5f28480ae872817b5de05f66e83c"},{"reference_url":"https://github.com/openstack/mistral/commit/c93b45a61f49d4633f76d8e117cd89063e7759c4","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/openstack/mistral/commit/c93b45a61f49d4633f76d8e117cd89063e7759c4"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/mistral/PYSEC-2018-92.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/mistral/PYSEC-2018-92.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1645334","reference_id":"1645334","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1645334"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912714","reference_id":"912714","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=912714"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16849","reference_id":"CVE-2018-16849","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-16849"},{"reference_url":"https://github.com/advisories/GHSA-fqw7-c6vr-q29m","reference_id":"GHSA-fqw7-c6vr-q29m","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-fqw7-c6vr-q29m"},{"reference_url":"https://usn.ubuntu.com/7465-1/","reference_id":"USN-7465-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7465-1/"}],"weaknesses":[{"cwe_id":200,"name":"Exposure of Sensitive Information to an Unauthorized Actor","description":"The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."}],"exploits":[],"severity_range_score":"4.3 - 8.9","exploitability":"0.5","weighted_severity":"8.0","risk_score":4.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vyg9-hnp3-wye9"}