Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-gxet-je8c-6bdx
Summarycockpit-ovirt: admin and appliance passwords saved in plain text variable file during HE deployment
Aliases
0
alias CVE-2019-10139
Fixed_packages
Affected_packages
0
url pkg:rpm/redhat/cockpit-ovirt@0.13.5-1?arch=el7ev
purl pkg:rpm/redhat/cockpit-ovirt@0.13.5-1?arch=el7ev
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-gxet-je8c-6bdx
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/cockpit-ovirt@0.13.5-1%3Farch=el7ev
1
url pkg:rpm/redhat/imgbased@1.1.9-0.1?arch=el7ev
purl pkg:rpm/redhat/imgbased@1.1.9-0.1?arch=el7ev
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1taa-a9e4-tbc5
1
vulnerability VCID-5q23-97z3-ybhz
2
vulnerability VCID-g5b3-53m2-yug1
3
vulnerability VCID-gxet-je8c-6bdx
4
vulnerability VCID-q448-gmmp-pkaa
5
vulnerability VCID-yn22-35eg-1khb
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/imgbased@1.1.9-0.1%3Farch=el7ev
2
url pkg:rpm/redhat/ovirt-node-ng@4.3.5-0.20190717.0?arch=el7ev
purl pkg:rpm/redhat/ovirt-node-ng@4.3.5-0.20190717.0?arch=el7ev
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1taa-a9e4-tbc5
1
vulnerability VCID-5q23-97z3-ybhz
2
vulnerability VCID-g5b3-53m2-yug1
3
vulnerability VCID-gxet-je8c-6bdx
4
vulnerability VCID-q448-gmmp-pkaa
5
vulnerability VCID-yn22-35eg-1khb
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ovirt-node-ng@4.3.5-0.20190717.0%3Farch=el7ev
3
url pkg:rpm/redhat/redhat-release-virtualization-host@4.3.5-2?arch=el7ev
purl pkg:rpm/redhat/redhat-release-virtualization-host@4.3.5-2?arch=el7ev
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1taa-a9e4-tbc5
1
vulnerability VCID-5q23-97z3-ybhz
2
vulnerability VCID-g5b3-53m2-yug1
3
vulnerability VCID-gxet-je8c-6bdx
4
vulnerability VCID-q448-gmmp-pkaa
5
vulnerability VCID-yn22-35eg-1khb
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/redhat-release-virtualization-host@4.3.5-2%3Farch=el7ev
4
url pkg:rpm/redhat/redhat-virtualization-host@4.3.5-20190722.0?arch=el7_7
purl pkg:rpm/redhat/redhat-virtualization-host@4.3.5-20190722.0?arch=el7_7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1taa-a9e4-tbc5
1
vulnerability VCID-5q23-97z3-ybhz
2
vulnerability VCID-g5b3-53m2-yug1
3
vulnerability VCID-gxet-je8c-6bdx
4
vulnerability VCID-q448-gmmp-pkaa
5
vulnerability VCID-yn22-35eg-1khb
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/redhat-virtualization-host@4.3.5-20190722.0%3Farch=el7_7
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10139.json
reference_id
reference_type
scores
0
value 5.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10139.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10139
reference_id
reference_type
scores
0
value 0.00047
scoring_system epss
scoring_elements 0.14537
published_at 2026-05-14T12:55:00Z
1
value 0.00047
scoring_system epss
scoring_elements 0.14365
published_at 2026-04-21T12:55:00Z
2
value 0.00047
scoring_system epss
scoring_elements 0.14394
published_at 2026-04-24T12:55:00Z
3
value 0.00047
scoring_system epss
scoring_elements 0.14369
published_at 2026-04-26T12:55:00Z
4
value 0.00047
scoring_system epss
scoring_elements 0.14313
published_at 2026-04-29T12:55:00Z
5
value 0.00047
scoring_system epss
scoring_elements 0.14175
published_at 2026-05-05T12:55:00Z
6
value 0.00047
scoring_system epss
scoring_elements 0.14326
published_at 2026-05-07T12:55:00Z
7
value 0.00047
scoring_system epss
scoring_elements 0.14418
published_at 2026-05-09T12:55:00Z
8
value 0.00047
scoring_system epss
scoring_elements 0.14411
published_at 2026-05-11T12:55:00Z
9
value 0.00047
scoring_system epss
scoring_elements 0.14453
published_at 2026-05-12T12:55:00Z
10
value 0.00047
scoring_system epss
scoring_elements 0.14297
published_at 2026-04-18T12:55:00Z
11
value 0.00049
scoring_system epss
scoring_elements 0.15142
published_at 2026-04-02T12:55:00Z
12
value 0.00049
scoring_system epss
scoring_elements 0.1521
published_at 2026-04-04T12:55:00Z
13
value 0.00049
scoring_system epss
scoring_elements 0.15015
published_at 2026-04-07T12:55:00Z
14
value 0.00049
scoring_system epss
scoring_elements 0.15153
published_at 2026-04-09T12:55:00Z
15
value 0.00049
scoring_system epss
scoring_elements 0.15121
published_at 2026-04-11T12:55:00Z
16
value 0.00049
scoring_system epss
scoring_elements 0.15082
published_at 2026-04-12T12:55:00Z
17
value 0.00049
scoring_system epss
scoring_elements 0.15022
published_at 2026-04-13T12:55:00Z
18
value 0.00049
scoring_system epss
scoring_elements 0.14917
published_at 2026-04-16T12:55:00Z
19
value 0.00049
scoring_system epss
scoring_elements 0.15102
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10139
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1709829
reference_id 1709829
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1709829
3
reference_url https://access.redhat.com/errata/RHSA-2019:2433
reference_id RHSA-2019:2433
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2433
4
reference_url https://access.redhat.com/errata/RHSA-2019:2437
reference_id RHSA-2019:2437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2437
Weaknesses
0
cwe_id 522
name Insufficiently Protected Credentials
description The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
Exploits
Severity_range_score5.6 - 5.6
Exploitability0.5
Weighted_severity5.0
Risk_score2.5
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-gxet-je8c-6bdx