Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-bt3p-h1js-53gg
SummaryVersions of Puppet Agent prior to 1.6.0 included a version of the Puppet Execution Protocol (PXP) agent that passed environment variables through to Puppet runs. This could allow unauthorized code to be loaded. This bug was first introduced in Puppet Agent 1.3.0.
Aliases
0
alias CVE-2016-5713
Fixed_packages
0
url pkg:deb/debian/puppet@4.7.0-1?distro=bullseye
purl pkg:deb/debian/puppet@4.7.0-1?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/puppet@4.7.0-1%3Fdistro=bullseye
1
url pkg:deb/debian/puppet@4.8.2-5~bpo8%2B1
purl pkg:deb/debian/puppet@4.8.2-5~bpo8%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18aq-72zg-3uc9
1
vulnerability VCID-8xgm-pabz-hkeg
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/puppet@4.8.2-5~bpo8%252B1
2
url pkg:deb/debian/puppet@5.5.22-2?distro=bullseye
purl pkg:deb/debian/puppet@5.5.22-2?distro=bullseye
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/puppet@5.5.22-2%3Fdistro=bullseye
Affected_packages
0
url pkg:deb/debian/puppet@0.20.1-1
purl pkg:deb/debian/puppet@0.20.1-1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18aq-72zg-3uc9
1
vulnerability VCID-2jc8-n1j4-m7c6
2
vulnerability VCID-3kma-3ffw-8qd9
3
vulnerability VCID-3zzj-krc5-skea
4
vulnerability VCID-5g6u-uvej-xbad
5
vulnerability VCID-5qhd-8wfe-27dy
6
vulnerability VCID-72s2-y7m6-kuf6
7
vulnerability VCID-73uh-2gkm-6kgy
8
vulnerability VCID-75gs-2gu3-6udx
9
vulnerability VCID-7jtp-a1nw-bqfs
10
vulnerability VCID-7ypq-wmb7-quhc
11
vulnerability VCID-8xgm-pabz-hkeg
12
vulnerability VCID-a7cn-eqbq-qyb1
13
vulnerability VCID-absc-ndrs-yqep
14
vulnerability VCID-b94j-dcjk-eqeu
15
vulnerability VCID-bt3p-h1js-53gg
16
vulnerability VCID-fdk4-8wtn-nqct
17
vulnerability VCID-fjbx-bqnn-2bf3
18
vulnerability VCID-h88b-abes-3bgr
19
vulnerability VCID-jhkk-5euf-uked
20
vulnerability VCID-kkve-dj7r-gue1
21
vulnerability VCID-kt2h-k72f-tqc7
22
vulnerability VCID-nf2h-5vd2-6kb1
23
vulnerability VCID-pdpa-qfpq-zkcq
24
vulnerability VCID-pgg8-9sk2-57ee
25
vulnerability VCID-rfcx-7kc9-mbcr
26
vulnerability VCID-rrky-upea-nfd4
27
vulnerability VCID-sweb-hbec-k3ha
28
vulnerability VCID-tetf-xa1u-uffv
29
vulnerability VCID-txx3-3fzg-33cp
30
vulnerability VCID-v9kt-4vxm-ekdw
31
vulnerability VCID-vgbw-4yuu-57fz
32
vulnerability VCID-vrzs-81t1-jyax
33
vulnerability VCID-wage-71h9-6qay
34
vulnerability VCID-wdwr-8m6q-kff5
35
vulnerability VCID-wkb1-dm1m-67db
36
vulnerability VCID-ww8x-tzxr-4qbn
37
vulnerability VCID-yycs-ny3v-pyeh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/puppet@0.20.1-1
1
url pkg:deb/debian/puppet@0.24.5-3%2Blenny2
purl pkg:deb/debian/puppet@0.24.5-3%2Blenny2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18aq-72zg-3uc9
1
vulnerability VCID-2jc8-n1j4-m7c6
2
vulnerability VCID-3kma-3ffw-8qd9
3
vulnerability VCID-3zzj-krc5-skea
4
vulnerability VCID-5g6u-uvej-xbad
5
vulnerability VCID-5qhd-8wfe-27dy
6
vulnerability VCID-72s2-y7m6-kuf6
7
vulnerability VCID-73uh-2gkm-6kgy
8
vulnerability VCID-75gs-2gu3-6udx
9
vulnerability VCID-7jtp-a1nw-bqfs
10
vulnerability VCID-7ypq-wmb7-quhc
11
vulnerability VCID-8xgm-pabz-hkeg
12
vulnerability VCID-a7cn-eqbq-qyb1
13
vulnerability VCID-absc-ndrs-yqep
14
vulnerability VCID-b94j-dcjk-eqeu
15
vulnerability VCID-bt3p-h1js-53gg
16
vulnerability VCID-fdk4-8wtn-nqct
17
vulnerability VCID-fjbx-bqnn-2bf3
18
vulnerability VCID-h88b-abes-3bgr
19
vulnerability VCID-jhkk-5euf-uked
20
vulnerability VCID-kkve-dj7r-gue1
21
vulnerability VCID-kt2h-k72f-tqc7
22
vulnerability VCID-nf2h-5vd2-6kb1
23
vulnerability VCID-pdpa-qfpq-zkcq
24
vulnerability VCID-pgg8-9sk2-57ee
25
vulnerability VCID-rfcx-7kc9-mbcr
26
vulnerability VCID-rrky-upea-nfd4
27
vulnerability VCID-sweb-hbec-k3ha
28
vulnerability VCID-tetf-xa1u-uffv
29
vulnerability VCID-txx3-3fzg-33cp
30
vulnerability VCID-v9kt-4vxm-ekdw
31
vulnerability VCID-vgbw-4yuu-57fz
32
vulnerability VCID-vrzs-81t1-jyax
33
vulnerability VCID-wage-71h9-6qay
34
vulnerability VCID-wdwr-8m6q-kff5
35
vulnerability VCID-wkb1-dm1m-67db
36
vulnerability VCID-ww8x-tzxr-4qbn
37
vulnerability VCID-yycs-ny3v-pyeh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/puppet@0.24.5-3%252Blenny2
2
url pkg:deb/debian/puppet@2.6.2-5%2Bsqueeze9
purl pkg:deb/debian/puppet@2.6.2-5%2Bsqueeze9
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18aq-72zg-3uc9
1
vulnerability VCID-2jc8-n1j4-m7c6
2
vulnerability VCID-3kma-3ffw-8qd9
3
vulnerability VCID-3zzj-krc5-skea
4
vulnerability VCID-5g6u-uvej-xbad
5
vulnerability VCID-72s2-y7m6-kuf6
6
vulnerability VCID-73uh-2gkm-6kgy
7
vulnerability VCID-75gs-2gu3-6udx
8
vulnerability VCID-7jtp-a1nw-bqfs
9
vulnerability VCID-7ypq-wmb7-quhc
10
vulnerability VCID-8xgm-pabz-hkeg
11
vulnerability VCID-a7cn-eqbq-qyb1
12
vulnerability VCID-b94j-dcjk-eqeu
13
vulnerability VCID-bt3p-h1js-53gg
14
vulnerability VCID-fdk4-8wtn-nqct
15
vulnerability VCID-fjbx-bqnn-2bf3
16
vulnerability VCID-h88b-abes-3bgr
17
vulnerability VCID-jhkk-5euf-uked
18
vulnerability VCID-kkve-dj7r-gue1
19
vulnerability VCID-kt2h-k72f-tqc7
20
vulnerability VCID-nf2h-5vd2-6kb1
21
vulnerability VCID-pdpa-qfpq-zkcq
22
vulnerability VCID-pgg8-9sk2-57ee
23
vulnerability VCID-rfcx-7kc9-mbcr
24
vulnerability VCID-rrky-upea-nfd4
25
vulnerability VCID-sweb-hbec-k3ha
26
vulnerability VCID-tetf-xa1u-uffv
27
vulnerability VCID-txx3-3fzg-33cp
28
vulnerability VCID-v9kt-4vxm-ekdw
29
vulnerability VCID-vgbw-4yuu-57fz
30
vulnerability VCID-vrzs-81t1-jyax
31
vulnerability VCID-wage-71h9-6qay
32
vulnerability VCID-wdwr-8m6q-kff5
33
vulnerability VCID-wkb1-dm1m-67db
34
vulnerability VCID-yycs-ny3v-pyeh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/puppet@2.6.2-5%252Bsqueeze9
3
url pkg:deb/debian/puppet@2.6.2-5%2Bsqueeze10
purl pkg:deb/debian/puppet@2.6.2-5%2Bsqueeze10
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18aq-72zg-3uc9
1
vulnerability VCID-2jc8-n1j4-m7c6
2
vulnerability VCID-3kma-3ffw-8qd9
3
vulnerability VCID-3zzj-krc5-skea
4
vulnerability VCID-5g6u-uvej-xbad
5
vulnerability VCID-72s2-y7m6-kuf6
6
vulnerability VCID-73uh-2gkm-6kgy
7
vulnerability VCID-75gs-2gu3-6udx
8
vulnerability VCID-7jtp-a1nw-bqfs
9
vulnerability VCID-7ypq-wmb7-quhc
10
vulnerability VCID-8xgm-pabz-hkeg
11
vulnerability VCID-a7cn-eqbq-qyb1
12
vulnerability VCID-b94j-dcjk-eqeu
13
vulnerability VCID-bt3p-h1js-53gg
14
vulnerability VCID-fdk4-8wtn-nqct
15
vulnerability VCID-fjbx-bqnn-2bf3
16
vulnerability VCID-h88b-abes-3bgr
17
vulnerability VCID-jhkk-5euf-uked
18
vulnerability VCID-kkve-dj7r-gue1
19
vulnerability VCID-kt2h-k72f-tqc7
20
vulnerability VCID-nf2h-5vd2-6kb1
21
vulnerability VCID-pdpa-qfpq-zkcq
22
vulnerability VCID-pgg8-9sk2-57ee
23
vulnerability VCID-rfcx-7kc9-mbcr
24
vulnerability VCID-rrky-upea-nfd4
25
vulnerability VCID-sweb-hbec-k3ha
26
vulnerability VCID-tetf-xa1u-uffv
27
vulnerability VCID-txx3-3fzg-33cp
28
vulnerability VCID-v9kt-4vxm-ekdw
29
vulnerability VCID-vgbw-4yuu-57fz
30
vulnerability VCID-vrzs-81t1-jyax
31
vulnerability VCID-wage-71h9-6qay
32
vulnerability VCID-wdwr-8m6q-kff5
33
vulnerability VCID-wkb1-dm1m-67db
34
vulnerability VCID-yycs-ny3v-pyeh
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/puppet@2.6.2-5%252Bsqueeze10
4
url pkg:deb/debian/puppet@2.7.23-1~deb7u3
purl pkg:deb/debian/puppet@2.7.23-1~deb7u3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18aq-72zg-3uc9
1
vulnerability VCID-3kma-3ffw-8qd9
2
vulnerability VCID-5g6u-uvej-xbad
3
vulnerability VCID-73uh-2gkm-6kgy
4
vulnerability VCID-7ypq-wmb7-quhc
5
vulnerability VCID-8xgm-pabz-hkeg
6
vulnerability VCID-bt3p-h1js-53gg
7
vulnerability VCID-fjbx-bqnn-2bf3
8
vulnerability VCID-kkve-dj7r-gue1
9
vulnerability VCID-wkb1-dm1m-67db
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/puppet@2.7.23-1~deb7u3
5
url pkg:deb/debian/puppet@3.7.2-4
purl pkg:deb/debian/puppet@3.7.2-4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18aq-72zg-3uc9
1
vulnerability VCID-8xgm-pabz-hkeg
2
vulnerability VCID-bt3p-h1js-53gg
3
vulnerability VCID-wkb1-dm1m-67db
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/puppet@3.7.2-4
6
url pkg:deb/debian/puppet@3.7.2-4%2Bdeb8u1~bpo70%2B1
purl pkg:deb/debian/puppet@3.7.2-4%2Bdeb8u1~bpo70%2B1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18aq-72zg-3uc9
1
vulnerability VCID-8xgm-pabz-hkeg
2
vulnerability VCID-bt3p-h1js-53gg
3
vulnerability VCID-wkb1-dm1m-67db
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/puppet@3.7.2-4%252Bdeb8u1~bpo70%252B1
7
url pkg:deb/debian/puppet@3.7.2-4%2Bdeb8u1
purl pkg:deb/debian/puppet@3.7.2-4%2Bdeb8u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-18aq-72zg-3uc9
1
vulnerability VCID-8xgm-pabz-hkeg
2
vulnerability VCID-bt3p-h1js-53gg
3
vulnerability VCID-wkb1-dm1m-67db
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/puppet@3.7.2-4%252Bdeb8u1
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5713
reference_id
reference_type
scores
0
value 0.0112
scoring_system epss
scoring_elements 0.78441
published_at 2026-05-15T12:55:00Z
1
value 0.0112
scoring_system epss
scoring_elements 0.78427
published_at 2026-05-14T12:55:00Z
2
value 0.0112
scoring_system epss
scoring_elements 0.78185
published_at 2026-04-01T12:55:00Z
3
value 0.0112
scoring_system epss
scoring_elements 0.78194
published_at 2026-04-02T12:55:00Z
4
value 0.0112
scoring_system epss
scoring_elements 0.78224
published_at 2026-04-04T12:55:00Z
5
value 0.0112
scoring_system epss
scoring_elements 0.78206
published_at 2026-04-07T12:55:00Z
6
value 0.0112
scoring_system epss
scoring_elements 0.78232
published_at 2026-04-08T12:55:00Z
7
value 0.0112
scoring_system epss
scoring_elements 0.78238
published_at 2026-04-09T12:55:00Z
8
value 0.0112
scoring_system epss
scoring_elements 0.78264
published_at 2026-04-11T12:55:00Z
9
value 0.0112
scoring_system epss
scoring_elements 0.78247
published_at 2026-04-12T12:55:00Z
10
value 0.0112
scoring_system epss
scoring_elements 0.78242
published_at 2026-04-13T12:55:00Z
11
value 0.0112
scoring_system epss
scoring_elements 0.78274
published_at 2026-04-16T12:55:00Z
12
value 0.0112
scoring_system epss
scoring_elements 0.78271
published_at 2026-04-18T12:55:00Z
13
value 0.0112
scoring_system epss
scoring_elements 0.78268
published_at 2026-04-21T12:55:00Z
14
value 0.0112
scoring_system epss
scoring_elements 0.78301
published_at 2026-04-24T12:55:00Z
15
value 0.0112
scoring_system epss
scoring_elements 0.78307
published_at 2026-04-26T12:55:00Z
16
value 0.0112
scoring_system epss
scoring_elements 0.78323
published_at 2026-04-29T12:55:00Z
17
value 0.0112
scoring_system epss
scoring_elements 0.78336
published_at 2026-05-05T12:55:00Z
18
value 0.0112
scoring_system epss
scoring_elements 0.78361
published_at 2026-05-07T12:55:00Z
19
value 0.0112
scoring_system epss
scoring_elements 0.78377
published_at 2026-05-09T12:55:00Z
20
value 0.0112
scoring_system epss
scoring_elements 0.78372
published_at 2026-05-11T12:55:00Z
21
value 0.0112
scoring_system epss
scoring_elements 0.78388
published_at 2026-05-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5713
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5713
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5713
2
reference_url https://puppet.com/security/cve/cve-2016-5713
reference_id
reference_type
scores
url https://puppet.com/security/cve/cve-2016-5713
3
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:puppet:puppet_agent:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:puppet:puppet_agent:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:puppet:puppet_agent:*:*:*:*:*:*:*:*
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5713
reference_id CVE-2016-5713
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://nvd.nist.gov/vuln/detail/CVE-2016-5713
Weaknesses
0
cwe_id 94
name Improper Control of Generation of Code ('Code Injection')
description The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
Exploits
Severity_range_score7.5 - 9.8
Exploitability0.5
Weighted_severity8.8
Risk_score4.4
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-bt3p-h1js-53gg