[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2015-3908":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":341,"aliases":342,"duplicate_of":9,"upstream":345,"downstream":346,"duplicates":369,"related":370,"reserved_at":9,"published_at":378,"modified_at":379,"state":380,"summary":381,"references_raw":390,"kevs":438,"epss":439,"epss_history":442,"metrics":708,"affected":722},"CVE-2015-3908","Ansible before 1.9.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-345","Insufficient Verification of Data Authenticity","The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.","weakness","Draft","Class",[19,23,76,88,109,113,117,121,125,129,133,337],{"id":20,"name":21,"techniques":22},"CAPEC-111","JSON Hijacking (aka JavaScript Hijacking)",[],{"id":24,"name":25,"techniques":26},"CAPEC-141","Cache Poisoning",[27],{"id":28,"name":29,"tactics":30,"countermeasures":37},"T1557.002","ARP Cache Poisoning",[31,34],{"id":32,"name":33},"TA0031","Credential Access",{"id":35,"name":36},"TA0100","Collection",[38,43,47,51,55,59,63,67,71],{"id":39,"name":40,"tactic":41},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":42},"Detect",{"id":44,"name":45,"tactic":46},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":42},{"id":48,"name":49,"tactic":50},"D3-CSPP","Client-server Payload Profiling",{"name":42},{"id":52,"name":53,"tactic":54},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":42},{"id":56,"name":57,"tactic":58},"D3-NTSA","Network Traffic Signature Analysis",{"name":42},{"id":60,"name":61,"tactic":62},"D3-APCA","Application Protocol Command Analysis",{"name":42},{"id":64,"name":65,"tactic":66},"D3-NTCD","Network Traffic Community Deviation",{"name":42},{"id":68,"name":69,"tactic":70},"D3-RTSD","Remote Terminal Session Detection",{"name":42},{"id":72,"name":73,"tactic":74},"D3-NTF","Network Traffic Filtering",{"name":75},"Isolate",{"id":77,"name":78,"techniques":79},"CAPEC-142","DNS Cache Poisoning",[80],{"id":81,"name":82,"tactics":83,"countermeasures":87},"T1584.002","DNS Server",[84],{"id":85,"name":86},"TA0042","Resource Development",[],{"id":89,"name":90,"techniques":91},"CAPEC-148","Content Spoofing",[92],{"id":93,"name":94,"tactics":95,"countermeasures":99},"T1491","Defacement",[96],{"id":97,"name":98},"TA0105","Impact",[100,105],{"id":101,"name":102,"tactic":103},"D3-DNR","Decoy Network Resource",{"name":104},"Deceive",{"id":106,"name":107,"tactic":108},"D3-NRAM","Network Resource Access Mediation",{"name":75},{"id":110,"name":111,"techniques":112},"CAPEC-218","Spoofing of UDDI/ebXML Messages",[],{"id":114,"name":115,"techniques":116},"CAPEC-384","Application API Message Manipulation via Man-in-the-Middle",[],{"id":118,"name":119,"techniques":120},"CAPEC-385","Transaction or Event Tampering via Application API Manipulation",[],{"id":122,"name":123,"techniques":124},"CAPEC-386","Application API Navigation Remapping",[],{"id":126,"name":127,"techniques":128},"CAPEC-387","Navigation Remapping To Propagate Malicious Content",[],{"id":130,"name":131,"techniques":132},"CAPEC-388","Application API Button Hijacking",[],{"id":134,"name":135,"techniques":136},"CAPEC-665","Exploitation of Thunderbolt Protection Flaws",[137,173,213],{"id":138,"name":139,"tactics":140,"countermeasures":147},"T1211","Exploitation for Stealth",[141,144],{"id":142,"name":143},"TA0030","Defense Evasion",{"id":145,"name":146},"TA0005","Stealth",[148,152,156,160,165,169],{"id":149,"name":150,"tactic":151},"D3-MBT","Memory Boundary Tracking",{"name":42},{"id":153,"name":154,"tactic":155},"D3-PCSV","Process Code Segment Verification",{"name":42},{"id":157,"name":158,"tactic":159},"D3-SSC","Shadow Stack Comparisons",{"name":42},{"id":161,"name":162,"tactic":163},"D3-PSEP","Process Segment Execution Prevention",{"name":164},"Harden",{"id":166,"name":167,"tactic":168},"D3-SAOR","Segment Address Offset Randomization",{"name":164},{"id":170,"name":171,"tactic":172},"D3-SFCV","Stack Frame Canary Validation",{"name":164},{"id":174,"name":175,"tactics":176,"countermeasures":182},"T1542.002","Component Firmware",[177,178,179],{"id":142,"name":143},{"id":145,"name":146},{"id":180,"name":181},"TA0110","Persistence",[183,188,192,196,200,204,208],{"id":184,"name":185,"tactic":186},"D3-SWI","Software Inventory",{"name":187},"Model",{"id":189,"name":190,"tactic":191},"D3-AVE","Asset Vulnerability Enumeration",{"name":187},{"id":193,"name":194,"tactic":195},"D3-FEMC","Firmware Embedded Monitoring Code",{"name":42},{"id":197,"name":198,"tactic":199},"D3-FV","Firmware Verification",{"name":42},{"id":201,"name":202,"tactic":203},"D3-FBA","Firmware Behavior Analysis",{"name":42},{"id":205,"name":206,"tactic":207},"D3-SU","Software Update",{"name":164},{"id":209,"name":210,"tactic":211},"D3-RS","Restore Software",{"name":212},"Restore",{"id":214,"name":215,"tactics":216,"countermeasures":223},"T1556","Modify Authentication Process",[217,218,221,222],{"id":142,"name":143},{"id":219,"name":220},"TA0112","Defense Impairment",{"id":180,"name":181},{"id":32,"name":33},[224,228,232,236,240,244,248,252,256,260,265,269,273,277,281,285,289,293,297,301,305,309,313,317,321,325,329,333],{"id":225,"name":226,"tactic":227},"D3-CI","Configuration Inventory",{"name":187},{"id":229,"name":230,"tactic":231},"D3-NTPM","Network Traffic Policy Mapping",{"name":187},{"id":233,"name":234,"tactic":235},"D3-AM","Access Modeling",{"name":187},{"id":237,"name":238,"tactic":239},"D3-FA","File Analysis",{"name":42},{"id":241,"name":242,"tactic":243},"D3-FIM","File Integrity Monitoring",{"name":42},{"id":245,"name":246,"tactic":247},"D3-PLA","Process Lineage Analysis",{"name":42},{"id":249,"name":250,"tactic":251},"D3-PSMD","Process Self-Modification Detection",{"name":42},{"id":253,"name":254,"tactic":255},"D3-PSA","Process Spawn Analysis",{"name":42},{"id":257,"name":258,"tactic":259},"D3-SFA","System File Analysis",{"name":42},{"id":261,"name":262,"tactic":263},"D3-FEV","File Eviction",{"name":264},"Evict",{"id":266,"name":267,"tactic":268},"D3-PT","Process Termination",{"name":264},{"id":270,"name":271,"tactic":272},"D3-PS","Process Suspension",{"name":264},{"id":274,"name":275,"tactic":276},"D3-HR","Host Reboot",{"name":264},{"id":278,"name":279,"tactic":280},"D3-HS","Host Shutdown",{"name":264},{"id":282,"name":283,"tactic":284},"D3-DF","Decoy File",{"name":104},{"id":286,"name":287,"tactic":288},"D3-FE","File Encryption",{"name":164},{"id":290,"name":291,"tactic":292},"D3-RF","Restore File",{"name":212},{"id":294,"name":295,"tactic":296},"D3-RC","Restore Configuration",{"name":212},{"id":298,"name":299,"tactic":300},"D3-CF","Content Filtering",{"name":75},{"id":302,"name":303,"tactic":304},"D3-LFP","Local File Permissions",{"name":75},{"id":306,"name":307,"tactic":308},"D3-RFAM","Remote File Access Mediation",{"name":75},{"id":310,"name":311,"tactic":312},"D3-CQ","Content Quarantine",{"name":75},{"id":314,"name":315,"tactic":316},"D3-CM","Content Modification",{"name":75},{"id":318,"name":319,"tactic":320},"D3-KBPI","Kernel-based Process Isolation",{"name":75},{"id":322,"name":323,"tactic":324},"D3-SCF","System Call Filtering",{"name":75},{"id":326,"name":327,"tactic":328},"D3-HBPI","Hardware-based Process Isolation",{"name":75},{"id":330,"name":331,"tactic":332},"D3-ABPI","Application-based Process Isolation",{"name":75},{"id":334,"name":335,"tactic":336},"D3-WSAM","Web Session Access Mediation",{"name":75},{"id":338,"name":339,"techniques":340},"CAPEC-701","Browser in the Middle (BiTM)",[],[],[343,344],"GHSA-w64c-pxjj-h866","PYSEC-2015-1",[],[347,349,351,353,355,357,359,361,363,365,367],{"_key":348},"OPENSUSE-SU-2024:14244-1",{"_key":350},"UBUNTU-CVE-2015-3908",{"_key":352},"OPENSUSE-SU-2024:10326-1",{"_key":354},"OPENSUSE-SU-2024:14536-1",{"_key":356},"OPENSUSE-SU-2025:15753-1",{"_key":358},"DLA-1923-1",{"_key":360},"OPENSUSE-SU-2025:15605-1",{"_key":362},"MGASA-2015-0292",{"_key":364},"DEBIAN-CVE-2015-3908",{"_key":366},"USN-7330-1",{"_key":368},"OPENSUSE-SU-2026:10944-1",[],[371,372,373,374,375,376,377],{"_key":348},{"_key":352},{"_key":354},{"_key":356},{"_key":360},{"_key":362},{"_key":368},"2015-08-12T14:00:00.000Z","2024-08-06T05:56:16.144Z","Modified",{"cisa_kev":382,"cisa_ransomware":382,"cisa_vendor":9,"epss_severity":383,"epss_score":384,"severity":385,"severity_score":386,"severity_version":387,"severity_source":388,"severity_vector":389,"severity_status":380},false,"low",0.00216,"medium",4.3,"v2.0","nvd","AV:N/AC:M/Au:N/C:N/I:P/A:N",[391,400,407,412,416,420,425,429,434],{"url":392,"sources":393,"tags":396},"http://www.openwall.com/lists/oss-security/2015/07/14/4",[394,388,395],"cve.org","osv_pypi",[397,398,399],"Mailing List","X Refsource MLIST","WEB",{"url":401,"sources":402,"tags":403},"http://lists.opensuse.org/opensuse-updates/2015-07/msg00051.html",[394,388,395],[404,405,406,399],"Vendor Advisory","X Refsource SUSE","Third Party Advisory",{"url":408,"sources":409,"tags":410},"http://www.ansible.com/security",[394,388,395],[411,404,399],"X Refsource CONFIRM",{"url":413,"sources":414,"tags":415},"http://lists.opensuse.org/opensuse-updates/2015-08/msg00029.html",[394,388,395],[404,405,406,399],{"url":417,"sources":418,"tags":419},"https://lists.debian.org/debian-lts-announce/2019/09/msg00016.html",[394,388,395],[397,398,399],{"url":421,"sources":422,"tags":423},"https://nvd.nist.gov/vuln/detail/CVE-2015-3908",[395],[424],"Advisory",{"url":426,"sources":427,"tags":428},"https://github.com/advisories/GHSA-w64c-pxjj-h866",[395],[424],{"url":430,"sources":431,"tags":432},"https://github.com/ansible/ansible",[395],[433],"PACKAGE",{"url":435,"sources":436,"tags":437},"https://github.com/pypa/advisory-database/tree/main/vulns/ansible/PYSEC-2015-1.yaml",[395],[399],[],{"date":440,"score":384,"percentile":441},"2026-06-04",0.44191,[443,447,450,453,456,459,462,465,468,471,474,477,480,483,486,489,492,495,498,501,504,507,510,513,516,519,522,525,528,531,534,537,540,543,546,549,552,555,558,561,563,566,569,572,575,578,581,584,587,590,593,596,599,602,605,608,610,613,616,618,621,624,627,630,633,636,638,641,643,646,649,652,655,658,660,663,666,669,672,675,678,681,684,687,690,693,696,699,702,705],{"date":444,"score":445,"percentile":446},"2025-11-04",0.0008,0.2441,{"date":448,"score":445,"percentile":449},"2025-11-05",0.24393,{"date":451,"score":445,"percentile":452},"2025-11-06",0.244,{"date":454,"score":445,"percentile":455},"2025-11-07",0.24407,{"date":457,"score":445,"percentile":458},"2025-11-08",0.24412,{"date":460,"score":445,"percentile":461},"2025-11-09",0.2437,{"date":463,"score":445,"percentile":464},"2025-11-10",0.2433,{"date":466,"score":445,"percentile":467},"2025-11-11",0.24335,{"date":469,"score":445,"percentile":470},"2025-11-12",0.24363,{"date":472,"score":445,"percentile":473},"2025-11-13",0.24368,{"date":475,"score":445,"percentile":476},"2025-11-14",0.24359,{"date":478,"score":445,"percentile":479},"2025-11-15",0.24343,{"date":481,"score":445,"percentile":482},"2025-11-16",0.24296,{"date":484,"score":445,"percentile":485},"2025-11-17",0.24251,{"date":487,"score":445,"percentile":488},"2025-11-18",0.19907,{"date":490,"score":445,"percentile":491},"2025-11-19",0.19925,{"date":493,"score":445,"percentile":494},"2025-11-20",0.19899,{"date":496,"score":445,"percentile":497},"2025-11-21",0.24176,{"date":499,"score":445,"percentile":500},"2025-11-22",0.24173,{"date":502,"score":445,"percentile":503},"2025-11-23",0.2412,{"date":505,"score":445,"percentile":506},"2025-11-24",0.24089,{"date":508,"score":445,"percentile":509},"2025-11-25",0.24079,{"date":511,"score":445,"percentile":512},"2025-11-26",0.24065,{"date":514,"score":445,"percentile":515},"2025-11-27",0.24061,{"date":517,"score":445,"percentile":518},"2025-11-28",0.24038,{"date":520,"score":445,"percentile":521},"2025-11-29",0.24018,{"date":523,"score":445,"percentile":524},"2025-11-30",0.23995,{"date":526,"score":445,"percentile":527},"2025-12-01",0.24039,{"date":529,"score":445,"percentile":530},"2025-12-02",0.2406,{"date":532,"score":445,"percentile":533},"2025-12-03",0.24071,{"date":535,"score":445,"percentile":536},"2025-12-04",0.23996,{"date":538,"score":445,"percentile":539},"2025-12-05",0.24044,{"date":541,"score":445,"percentile":542},"2025-12-06",0.24042,{"date":544,"score":445,"percentile":545},"2025-12-07",0.24004,{"date":547,"score":445,"percentile":548},"2025-12-08",0.24009,{"date":550,"score":445,"percentile":551},"2025-12-09",0.24066,{"date":553,"score":445,"percentile":554},"2025-12-10",0.24135,{"date":556,"score":445,"percentile":557},"2025-12-11",0.24158,{"date":559,"score":445,"percentile":560},"2025-12-12",0.24175,{"date":562,"score":445,"percentile":497},"2025-12-13",{"date":564,"score":445,"percentile":565},"2025-12-14",0.24147,{"date":567,"score":445,"percentile":568},"2025-12-15",0.24125,{"date":570,"score":445,"percentile":571},"2025-12-16",0.24148,{"date":573,"score":445,"percentile":574},"2025-12-17",0.24226,{"date":576,"score":445,"percentile":577},"2025-12-18",0.24288,{"date":579,"score":445,"percentile":580},"2025-12-19",0.24305,{"date":582,"score":445,"percentile":583},"2025-12-20",0.24273,{"date":585,"score":445,"percentile":586},"2025-12-21",0.24219,{"date":588,"score":445,"percentile":589},"2025-12-22",0.24178,{"date":591,"score":445,"percentile":592},"2025-12-23",0.24154,{"date":594,"score":445,"percentile":595},"2025-12-24",0.24166,{"date":597,"score":445,"percentile":598},"2025-12-25",0.24246,{"date":600,"score":445,"percentile":601},"2025-12-26",0.24233,{"date":603,"score":445,"percentile":604},"2025-12-27",0.24231,{"date":606,"score":445,"percentile":607},"2025-12-28",0.24096,{"date":609,"score":445,"percentile":551},"2025-12-29",{"date":611,"score":445,"percentile":612},"2025-12-30",0.24057,{"date":614,"score":445,"percentile":615},"2025-12-31",0.24131,{"date":617,"score":445,"percentile":601},"2026-01-01",{"date":619,"score":445,"percentile":620},"2026-01-02",0.24225,{"date":622,"score":445,"percentile":623},"2026-01-03",0.24203,{"date":625,"score":445,"percentile":626},"2026-01-04",0.24109,{"date":628,"score":445,"percentile":629},"2026-01-05",0.2409,{"date":631,"score":445,"percentile":632},"2026-01-06",0.24097,{"date":634,"score":445,"percentile":635},"2026-01-07",0.24126,{"date":637,"score":445,"percentile":500},"2026-01-08",{"date":639,"score":445,"percentile":640},"2026-01-09",0.24153,{"date":642,"score":445,"percentile":568},"2026-01-10",{"date":644,"score":445,"percentile":645},"2026-01-11",0.24103,{"date":647,"score":445,"percentile":648},"2026-01-12",0.24067,{"date":650,"score":445,"percentile":651},"2026-01-13",0.24043,{"date":653,"score":445,"percentile":654},"2026-01-14",0.24108,{"date":656,"score":445,"percentile":657},"2026-01-15",0.24102,{"date":659,"score":445,"percentile":554},"2026-01-16",{"date":661,"score":445,"percentile":662},"2026-01-17",0.24134,{"date":664,"score":445,"percentile":665},"2026-01-18",0.24101,{"date":667,"score":445,"percentile":668},"2026-01-19",0.24054,{"date":670,"score":445,"percentile":671},"2026-01-20",0.24034,{"date":673,"score":445,"percentile":674},"2026-01-21",0.2398,{"date":676,"score":445,"percentile":677},"2026-01-22",0.23967,{"date":679,"score":445,"percentile":680},"2026-01-23",0.24052,{"date":682,"score":445,"percentile":683},"2026-01-24",0.24062,{"date":685,"score":445,"percentile":686},"2026-01-25",0.23981,{"date":688,"score":445,"percentile":689},"2026-01-26",0.23882,{"date":691,"score":445,"percentile":692},"2026-01-27",0.23874,{"date":694,"score":445,"percentile":695},"2026-01-28",0.23872,{"date":697,"score":445,"percentile":698},"2026-01-29",0.23827,{"date":700,"score":445,"percentile":701},"2026-01-30",0.23821,{"date":703,"score":445,"percentile":704},"2026-01-31",0.23817,{"date":706,"score":445,"percentile":707},"2026-02-01",0.23863,[709,713],{"source":388,"cvss_v2_0":710,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":386,"baseSeverity":9,"vectorString":389,"impactScore":711,"exploitabilityScore":712},2.9,8.6,{"source":395,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":714,"cvss_v4_0":719},{"baseScore":715,"baseSeverity":9,"vectorString":716,"impactScore":717,"exploitabilityScore":718},7.5,"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",6,10,{"baseScore":720,"baseSeverity":9,"vectorString":721,"impactScore":9,"exploitabilityScore":9},8.7,"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",[723,734],{"ecosystem":724,"name":725,"vendor":724,"product":725,"cpe_part":9,"purl_type":726,"purl_namespace":9,"purl_name":725,"source":9,"versions":727},"PyPI","ansible","pypi",[728],{"version":729,"is_range":730,"range_type":731,"version_start":9,"version_start_type":9,"version_end":732,"version_end_type":733,"fixed_in":9},"lt1_9_2",true,"ecosystem","1.9.2","excluding",{"ecosystem":9,"name":725,"vendor":735,"product":725,"cpe_part":736,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":737},"redhat","a",[738],{"version":739,"is_range":730,"range_type":740,"version_start":9,"version_start_type":9,"version_end":741,"version_end_type":742,"fixed_in":9},"lte1.9.1","cpe","1.9.1","including"]