[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2018-1000226":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":548,"aliases":549,"duplicate_of":9,"upstream":551,"downstream":552,"duplicates":571,"related":572,"reserved_at":9,"published_at":580,"modified_at":581,"state":582,"summary":583,"references_raw":591,"kevs":622,"epss":623,"epss_history":626,"metrics":847,"affected":858},"CVE-2018-1000226","Cobbler version Verified as present in Cobbler versions 2.6.11+, but code inspection suggests at least 2.0.0+ or possibly even older versions may be vulnerable contains a Incorrect Access Control vulnerability in XMLRPC API (/cobbler_api) that can result in Privilege escalation, data manipulation or exfiltration, LDAP credential harvesting. This attack appear to be exploitable via \"network connectivity\". Taking advantage of improper validation of security tokens in API endpoints. Please note this is a different issue than CVE-2018-10931.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-732","Incorrect Permission Assignment for Critical Resource","The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.","weakness","Draft","Class","High",[20,68,222,256,298,320,333,337,498,502,506],{"id":21,"name":22,"techniques":23},"CAPEC-1","Accessing Functionality Not Properly Constrained by ACLs",[24],{"id":25,"name":26,"tactics":27,"countermeasures":43},"T1574.010","Services File Permissions Weakness",[28,31,34,37,40],{"id":29,"name":30},"TA0110","Persistence",{"id":32,"name":33},"TA0111","Privilege Escalation",{"id":35,"name":36},"TA0030","Defense Evasion",{"id":38,"name":39},"TA0005","Stealth",{"id":41,"name":42},"TA0104","Execution",[44,49,53,58,63],{"id":45,"name":46,"tactic":47},"D3-SWI","Software Inventory",{"name":48},"Model",{"id":50,"name":51,"tactic":52},"D3-AVE","Asset Vulnerability Enumeration",{"name":48},{"id":54,"name":55,"tactic":56},"D3-SBV","Service Binary Verification",{"name":57},"Detect",{"id":59,"name":60,"tactic":61},"D3-SU","Software Update",{"name":62},"Harden",{"id":64,"name":65,"tactic":66},"D3-RS","Restore Software",{"name":67},"Restore",{"id":69,"name":70,"techniques":71},"CAPEC-122","Privilege Abuse",[72],{"id":73,"name":74,"tactics":75,"countermeasures":78},"T1548","Abuse Elevation Control Mechanism",[76,77],{"id":35,"name":36},{"id":32,"name":33},[79,83,87,91,95,99,103,107,111,115,119,123,127,131,136,140,145,149,153,157,161,165,169,173,177,181,186,190,194,198,202,206,210,214,218],{"id":80,"name":81,"tactic":82},"D3-CI","Configuration Inventory",{"name":48},{"id":84,"name":85,"tactic":86},"D3-AM","Access Modeling",{"name":48},{"id":88,"name":89,"tactic":90},"D3-DI","Data Inventory",{"name":48},{"id":92,"name":93,"tactic":94},"D3-NTPM","Network Traffic Policy Mapping",{"name":48},{"id":96,"name":97,"tactic":98},"D3-AEM","Application Exception Monitoring",{"name":57},{"id":100,"name":101,"tactic":102},"D3-SCA","System Call Analysis",{"name":57},{"id":104,"name":105,"tactic":106},"D3-SFA","System File Analysis",{"name":57},{"id":108,"name":109,"tactic":110},"D3-FA","File Analysis",{"name":57},{"id":112,"name":113,"tactic":114},"D3-FIM","File Integrity Monitoring",{"name":57},{"id":116,"name":117,"tactic":118},"D3-OPM","Operational Process Monitoring",{"name":57},{"id":120,"name":121,"tactic":122},"D3-DA","Dynamic Analysis",{"name":57},{"id":124,"name":125,"tactic":126},"D3-EFA","Emulated File Analysis",{"name":57},{"id":128,"name":129,"tactic":130},"D3-PSA","Process Spawn Analysis",{"name":57},{"id":132,"name":133,"tactic":134},"D3-FEV","File Eviction",{"name":135},"Evict",{"id":137,"name":138,"tactic":139},"D3-AL","Account Locking",{"name":135},{"id":141,"name":142,"tactic":143},"D3-DF","Decoy File",{"name":144},"Deceive",{"id":146,"name":147,"tactic":148},"D3-FE","File Encryption",{"name":62},{"id":150,"name":151,"tactic":152},"D3-AA","Agent Authentication",{"name":62},{"id":154,"name":155,"tactic":156},"D3-CDP","Change Default Password",{"name":62},{"id":158,"name":159,"tactic":160},"D3-SCP","System Configuration Permissions",{"name":62},{"id":162,"name":163,"tactic":164},"D3-RC","Restore Configuration",{"name":67},{"id":166,"name":167,"tactic":168},"D3-RF","Restore File",{"name":67},{"id":170,"name":171,"tactic":172},"D3-ULA","Unlock Account",{"name":67},{"id":174,"name":175,"tactic":176},"D3-RUAA","Restore User Account Access",{"name":67},{"id":178,"name":179,"tactic":180},"D3-RD","Restore Database",{"name":67},{"id":182,"name":183,"tactic":184},"D3-SCF","System Call Filtering",{"name":185},"Isolate",{"id":187,"name":188,"tactic":189},"D3-CF","Content Filtering",{"name":185},{"id":191,"name":192,"tactic":193},"D3-LFP","Local File Permissions",{"name":185},{"id":195,"name":196,"tactic":197},"D3-RFAM","Remote File Access Mediation",{"name":185},{"id":199,"name":200,"tactic":201},"D3-CQ","Content Quarantine",{"name":185},{"id":203,"name":204,"tactic":205},"D3-CM","Content Modification",{"name":185},{"id":207,"name":208,"tactic":209},"D3-UAP","User Account Permissions",{"name":185},{"id":211,"name":212,"tactic":213},"D3-EAL","Executable Allowlisting",{"name":185},{"id":215,"name":216,"tactic":217},"D3-EDL","Executable Denylisting",{"name":185},{"id":219,"name":220,"tactic":221},"D3-HBPI","Hardware-based Process Isolation",{"name":185},{"id":223,"name":224,"techniques":225},"CAPEC-127","Directory Indexing",[226],{"id":227,"name":228,"tactics":229,"countermeasures":233},"T1083","File and Directory Discovery",[230],{"id":231,"name":232},"TA0102","Discovery",[234,236,238,240,242,244,246,248,250,252,254],{"id":108,"name":109,"tactic":235},{"name":57},{"id":112,"name":113,"tactic":237},{"name":57},{"id":132,"name":133,"tactic":239},{"name":135},{"id":141,"name":142,"tactic":241},{"name":144},{"id":146,"name":147,"tactic":243},{"name":62},{"id":166,"name":167,"tactic":245},{"name":67},{"id":191,"name":192,"tactic":247},{"name":185},{"id":187,"name":188,"tactic":249},{"name":185},{"id":195,"name":196,"tactic":251},{"name":185},{"id":199,"name":200,"tactic":253},{"name":185},{"id":203,"name":204,"tactic":255},{"name":185},{"id":257,"name":258,"techniques":259},"CAPEC-17","Using Malicious Files",[260,280],{"id":261,"name":262,"tactics":263,"countermeasures":269},"T1574.005","Executable Installer File Permissions Weakness",[264,265,266,267,268],{"id":29,"name":30},{"id":32,"name":33},{"id":35,"name":36},{"id":38,"name":39},{"id":41,"name":42},[270,272,274,276,278],{"id":45,"name":46,"tactic":271},{"name":48},{"id":50,"name":51,"tactic":273},{"name":48},{"id":54,"name":55,"tactic":275},{"name":57},{"id":59,"name":60,"tactic":277},{"name":62},{"id":64,"name":65,"tactic":279},{"name":67},{"id":25,"name":26,"tactics":281,"countermeasures":287},[282,283,284,285,286],{"id":29,"name":30},{"id":32,"name":33},{"id":35,"name":36},{"id":38,"name":39},{"id":41,"name":42},[288,290,292,294,296],{"id":45,"name":46,"tactic":289},{"name":48},{"id":50,"name":51,"tactic":291},{"name":48},{"id":54,"name":55,"tactic":293},{"name":57},{"id":59,"name":60,"tactic":295},{"name":62},{"id":64,"name":65,"tactic":297},{"name":67},{"id":299,"name":300,"techniques":301},"CAPEC-180","Exploiting Incorrectly Configured Access Control Security Levels",[302],{"id":25,"name":26,"tactics":303,"countermeasures":309},[304,305,306,307,308],{"id":29,"name":30},{"id":32,"name":33},{"id":35,"name":36},{"id":38,"name":39},{"id":41,"name":42},[310,312,314,316,318],{"id":45,"name":46,"tactic":311},{"name":48},{"id":50,"name":51,"tactic":313},{"name":48},{"id":54,"name":55,"tactic":315},{"name":57},{"id":59,"name":60,"tactic":317},{"name":62},{"id":64,"name":65,"tactic":319},{"name":67},{"id":321,"name":322,"techniques":323},"CAPEC-206","Signing Malicious Code",[324],{"id":325,"name":326,"tactics":327,"countermeasures":332},"T1553.002","Code Signing",[328,329],{"id":35,"name":36},{"id":330,"name":331},"TA0112","Defense Impairment",[],{"id":334,"name":335,"techniques":336},"CAPEC-234","Hijacking a privileged process",[],{"id":338,"name":339,"techniques":340},"CAPEC-60","Reusing Session IDs (aka Session Replay)",[341,393],{"id":342,"name":343,"tactics":344,"countermeasures":348},"T1134.001","Token Impersonation/Theft",[345,346,347],{"id":35,"name":36},{"id":38,"name":39},{"id":32,"name":33},[349,353,357,361,365,369,373,377,381,385,389],{"id":350,"name":351,"tactic":352},"D3-CCSA","Credential Compromise Scope Analysis",{"name":57},{"id":354,"name":355,"tactic":356},"D3-CR","Credential Revocation",{"name":135},{"id":358,"name":359,"tactic":360},"D3-ANCI","Authentication Cache Invalidation",{"name":135},{"id":362,"name":363,"tactic":364},"D3-DUC","Decoy User Credential",{"name":144},{"id":366,"name":367,"tactic":368},"D3-CH","Credential Hardening",{"name":62},{"id":370,"name":371,"tactic":372},"D3-MFA","Multi-factor Authentication",{"name":62},{"id":374,"name":375,"tactic":376},"D3-CRO","Credential Rotation",{"name":62},{"id":378,"name":379,"tactic":380},"D3-TB","Token Binding",{"name":62},{"id":382,"name":383,"tactic":384},"D3-TBA","Token-based Authentication",{"name":62},{"id":386,"name":387,"tactic":388},"D3-RIC","Reissue Credential",{"name":67},{"id":390,"name":391,"tactic":392},"D3-CTS","Credential Transmission Scoping",{"name":185},{"id":394,"name":395,"tactics":396,"countermeasures":401},"T1550.004","Web Session Cookie",[397,398],{"id":35,"name":36},{"id":399,"name":400},"TA0109","Lateral Movement",[402,406,410,414,418,422,426,430,434,438,442,444,446,450,454,458,462,464,466,468,470,472,474,476,480,484,486,488,492,496],{"id":403,"name":404,"tactic":405},"D3-UGLPA","User Geolocation Logon Pattern Analysis",{"name":57},{"id":407,"name":408,"tactic":409},"D3-PMAD","Protocol Metadata Anomaly Detection",{"name":57},{"id":411,"name":412,"tactic":413},"D3-CSPP","Client-server Payload Profiling",{"name":57},{"id":415,"name":416,"tactic":417},"D3-PHDURA","Per Host Download-Upload Ratio Analysis",{"name":57},{"id":419,"name":420,"tactic":421},"D3-NTSA","Network Traffic Signature Analysis",{"name":57},{"id":423,"name":424,"tactic":425},"D3-APCA","Application Protocol Command Analysis",{"name":57},{"id":427,"name":428,"tactic":429},"D3-NTCD","Network Traffic Community Deviation",{"name":57},{"id":431,"name":432,"tactic":433},"D3-RTSD","Remote Terminal Session Detection",{"name":57},{"id":435,"name":436,"tactic":437},"D3-PLA","Process Lineage Analysis",{"name":57},{"id":439,"name":440,"tactic":441},"D3-PSMD","Process Self-Modification Detection",{"name":57},{"id":128,"name":129,"tactic":443},{"name":57},{"id":350,"name":351,"tactic":445},{"name":57},{"id":447,"name":448,"tactic":449},"D3-PT","Process Termination",{"name":135},{"id":451,"name":452,"tactic":453},"D3-PS","Process Suspension",{"name":135},{"id":455,"name":456,"tactic":457},"D3-HR","Host Reboot",{"name":135},{"id":459,"name":460,"tactic":461},"D3-HS","Host Shutdown",{"name":135},{"id":354,"name":355,"tactic":463},{"name":135},{"id":358,"name":359,"tactic":465},{"name":135},{"id":362,"name":363,"tactic":467},{"name":144},{"id":366,"name":367,"tactic":469},{"name":62},{"id":370,"name":371,"tactic":471},{"name":62},{"id":374,"name":375,"tactic":473},{"name":62},{"id":386,"name":387,"tactic":475},{"name":67},{"id":477,"name":478,"tactic":479},"D3-NTF","Network Traffic Filtering",{"name":185},{"id":481,"name":482,"tactic":483},"D3-KBPI","Kernel-based Process Isolation",{"name":185},{"id":182,"name":183,"tactic":485},{"name":185},{"id":219,"name":220,"tactic":487},{"name":185},{"id":489,"name":490,"tactic":491},"D3-ABPI","Application-based Process Isolation",{"name":185},{"id":493,"name":494,"tactic":495},"D3-WSAM","Web Session Access Mediation",{"name":185},{"id":390,"name":391,"tactic":497},{"name":185},{"id":499,"name":500,"techniques":501},"CAPEC-61","Session Fixation",[],{"id":503,"name":504,"techniques":505},"CAPEC-62","Cross Site Request Forgery",[],{"id":507,"name":508,"techniques":509},"CAPEC-642","Replace Binaries",[510,516,530],{"id":511,"name":512,"tactics":513,"countermeasures":515},"T1505.005","Terminal Services DLL",[514],{"id":29,"name":30},[],{"id":517,"name":518,"tactics":519,"countermeasures":521},"T1554","Compromise Host Software Binary",[520],{"id":29,"name":30},[522,524,526,528],{"id":45,"name":46,"tactic":523},{"name":48},{"id":50,"name":51,"tactic":525},{"name":48},{"id":59,"name":60,"tactic":527},{"name":62},{"id":64,"name":65,"tactic":529},{"name":67},{"id":261,"name":262,"tactics":531,"countermeasures":537},[532,533,534,535,536],{"id":29,"name":30},{"id":32,"name":33},{"id":35,"name":36},{"id":38,"name":39},{"id":41,"name":42},[538,540,542,544,546],{"id":45,"name":46,"tactic":539},{"name":48},{"id":50,"name":51,"tactic":541},{"name":48},{"id":54,"name":55,"tactic":543},{"name":57},{"id":59,"name":60,"tactic":545},{"name":62},{"id":64,"name":65,"tactic":547},{"name":67},[],[550],"GHSA-f88q-22g8-frcg",[],[553,555,557,559,561,563,565,567,569],{"_key":554},"SUSE-RU-2018:2639-1",{"_key":556},"SUSE-SU-2018:2551-1",{"_key":558},"SUSE-SU-2018:2561-1",{"_key":560},"SUSE-SU-2018:2608-1",{"_key":562},"OPENSUSE-SU-2021:0058-1",{"_key":564},"UBUNTU-CVE-2018-1000226",{"_key":566},"OPENSUSE-SU-2021:0046-1",{"_key":568},"OPENSUSE-SU-2024:10690-1",{"_key":570},"USN-6475-1",[],[573,574,575,576,577,578,579],{"_key":554},{"_key":556},{"_key":558},{"_key":560},{"_key":562},{"_key":566},{"_key":568},"2018-08-20T20:00:00.000Z","2024-08-05T12:40:46.918Z","Modified",{"cisa_kev":584,"cisa_ransomware":584,"cisa_vendor":9,"epss_severity":585,"epss_score":586,"severity":585,"severity_score":587,"severity_version":588,"severity_source":589,"severity_vector":590,"severity_status":582},false,"critical",0.60008,9.8,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[592,599,608,613,618],{"url":593,"sources":594,"tags":596},"https://movermeyer.com/2018-08-02-privilege-escalation-exploits-in-cobblers-api/",[595,589],"cve.org",[597,598],"X Refsource MISC","Third Party Advisory",{"url":600,"sources":601,"tags":603},"https://github.com/cobbler/cobbler/issues/1916",[595,589,602],"osv_pypi",[604,605,606,607],"X Refsource CONFIRM","Issue Tracking","Vendor Advisory","WEB",{"url":609,"sources":610,"tags":611},"https://nvd.nist.gov/vuln/detail/CVE-2018-1000226",[602],[612],"Advisory",{"url":614,"sources":615,"tags":616},"https://github.com/cobbler/cobbler",[602],[617],"PACKAGE",{"url":619,"sources":620,"tags":621},"https://movermeyer.com/2018-08-02-privilege-escalation-exploits-in-cobblers-api",[602],[607],[],{"date":624,"score":586,"percentile":625},"2026-06-04",0.98298,[627,631,634,637,639,642,644,646,648,650,652,654,656,658,660,664,667,670,673,676,679,681,683,685,688,690,692,694,697,700,702,704,706,708,710,712,714,716,719,722,725,728,730,732,734,736,739,741,743,745,748,750,752,754,757,759,761,763,765,768,770,773,776,779,781,784,786,789,792,794,796,798,800,803,806,808,810,812,815,818,821,823,825,828,831,834,837,839,842,844],{"date":628,"score":629,"percentile":630},"2025-11-04",0.61011,0.9821,{"date":632,"score":629,"percentile":633},"2025-11-05",0.98211,{"date":635,"score":629,"percentile":636},"2025-11-06",0.98212,{"date":638,"score":629,"percentile":630},"2025-11-07",{"date":640,"score":629,"percentile":641},"2025-11-08",0.98209,{"date":643,"score":629,"percentile":630},"2025-11-09",{"date":645,"score":629,"percentile":630},"2025-11-10",{"date":647,"score":629,"percentile":630},"2025-11-11",{"date":649,"score":629,"percentile":633},"2025-11-12",{"date":651,"score":629,"percentile":636},"2025-11-13",{"date":653,"score":629,"percentile":636},"2025-11-14",{"date":655,"score":629,"percentile":641},"2025-11-15",{"date":657,"score":629,"percentile":630},"2025-11-16",{"date":659,"score":629,"percentile":630},"2025-11-17",{"date":661,"score":662,"percentile":663},"2025-11-18",0.52965,0.97846,{"date":665,"score":662,"percentile":666},"2025-11-19",0.97847,{"date":668,"score":662,"percentile":669},"2025-11-20",0.97851,{"date":671,"score":629,"percentile":672},"2025-11-21",0.98207,{"date":674,"score":629,"percentile":675},"2025-11-22",0.98205,{"date":677,"score":629,"percentile":678},"2025-11-23",0.98206,{"date":680,"score":629,"percentile":678},"2025-11-24",{"date":682,"score":629,"percentile":672},"2025-11-25",{"date":684,"score":629,"percentile":672},"2025-11-26",{"date":686,"score":629,"percentile":687},"2025-11-27",0.98208,{"date":689,"score":629,"percentile":687},"2025-11-28",{"date":691,"score":629,"percentile":641},"2025-11-29",{"date":693,"score":629,"percentile":687},"2025-11-30",{"date":695,"score":629,"percentile":696},"2025-12-01",0.98222,{"date":698,"score":629,"percentile":699},"2025-12-02",0.98224,{"date":701,"score":629,"percentile":699},"2025-12-03",{"date":703,"score":629,"percentile":687},"2025-12-04",{"date":705,"score":629,"percentile":672},"2025-12-05",{"date":707,"score":629,"percentile":687},"2025-12-06",{"date":709,"score":629,"percentile":641},"2025-12-07",{"date":711,"score":629,"percentile":630},"2025-12-08",{"date":713,"score":629,"percentile":630},"2025-12-09",{"date":715,"score":629,"percentile":636},"2025-12-10",{"date":717,"score":629,"percentile":718},"2025-12-11",0.98215,{"date":720,"score":629,"percentile":721},"2025-12-12",0.98218,{"date":723,"score":629,"percentile":724},"2025-12-13",0.98217,{"date":726,"score":629,"percentile":727},"2025-12-14",0.98216,{"date":729,"score":629,"percentile":724},"2025-12-15",{"date":731,"score":629,"percentile":727},"2025-12-16",{"date":733,"score":629,"percentile":721},"2025-12-17",{"date":735,"score":629,"percentile":721},"2025-12-18",{"date":737,"score":629,"percentile":738},"2025-12-19",0.9822,{"date":740,"score":629,"percentile":738},"2025-12-20",{"date":742,"score":629,"percentile":721},"2025-12-21",{"date":744,"score":629,"percentile":721},"2025-12-22",{"date":746,"score":629,"percentile":747},"2025-12-23",0.98214,{"date":749,"score":629,"percentile":718},"2025-12-24",{"date":751,"score":629,"percentile":724},"2025-12-25",{"date":753,"score":629,"percentile":721},"2025-12-26",{"date":755,"score":629,"percentile":756},"2025-12-27",0.98237,{"date":758,"score":629,"percentile":738},"2025-12-28",{"date":760,"score":629,"percentile":696},"2025-12-29",{"date":762,"score":629,"percentile":696},"2025-12-30",{"date":764,"score":629,"percentile":699},"2025-12-31",{"date":766,"score":629,"percentile":767},"2026-01-01",0.98243,{"date":769,"score":629,"percentile":767},"2026-01-02",{"date":771,"score":629,"percentile":772},"2026-01-03",0.98244,{"date":774,"score":629,"percentile":775},"2026-01-04",0.98228,{"date":777,"score":629,"percentile":778},"2026-01-05",0.98229,{"date":780,"score":629,"percentile":778},"2026-01-06",{"date":782,"score":629,"percentile":783},"2026-01-07",0.98231,{"date":785,"score":629,"percentile":783},"2026-01-08",{"date":787,"score":629,"percentile":788},"2026-01-09",0.98233,{"date":790,"score":629,"percentile":791},"2026-01-10",0.98235,{"date":793,"score":629,"percentile":788},"2026-01-11",{"date":795,"score":629,"percentile":783},"2026-01-12",{"date":797,"score":629,"percentile":783},"2026-01-13",{"date":799,"score":629,"percentile":788},"2026-01-14",{"date":801,"score":629,"percentile":802},"2026-01-15",0.98234,{"date":804,"score":629,"percentile":805},"2026-01-16",0.98236,{"date":807,"score":629,"percentile":756},"2026-01-17",{"date":809,"score":629,"percentile":805},"2026-01-18",{"date":811,"score":629,"percentile":756},"2026-01-19",{"date":813,"score":629,"percentile":814},"2026-01-20",0.98239,{"date":816,"score":629,"percentile":817},"2026-01-21",0.9824,{"date":819,"score":629,"percentile":820},"2026-01-22",0.98242,{"date":822,"score":629,"percentile":767},"2026-01-23",{"date":824,"score":629,"percentile":772},"2026-01-24",{"date":826,"score":629,"percentile":827},"2026-01-25",0.98245,{"date":829,"score":629,"percentile":830},"2026-01-26",0.98247,{"date":832,"score":629,"percentile":833},"2026-01-27",0.98248,{"date":835,"score":629,"percentile":836},"2026-01-28",0.9825,{"date":838,"score":629,"percentile":833},"2026-01-29",{"date":840,"score":629,"percentile":841},"2026-01-30",0.98249,{"date":843,"score":629,"percentile":830},"2026-01-31",{"date":845,"score":629,"percentile":846},"2026-02-01",0.98261,[848,856],{"source":589,"cvss_v2_0":849,"cvss_v3_0":854,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":850,"baseSeverity":9,"vectorString":851,"impactScore":852,"exploitabilityScore":853},7.5,"AV:N/AC:L/Au:N/C:P/I:P/A:P",6.4,10,{"baseScore":587,"baseSeverity":855,"vectorString":590,"impactScore":587,"exploitabilityScore":853},"CRITICAL",{"source":602,"cvss_v2_0":9,"cvss_v3_0":857,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":587,"baseSeverity":9,"vectorString":590,"impactScore":587,"exploitabilityScore":853},[859,870],{"ecosystem":9,"name":860,"vendor":861,"product":860,"cpe_part":862,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":863},"cobbler","cobblerd","a",[864],{"version":865,"is_range":866,"range_type":867,"version_start":868,"version_start_type":869,"version_end":9,"version_end_type":9,"fixed_in":9},"gte2.0.0",true,"cpe","2.0.0","including",{"ecosystem":871,"name":860,"vendor":871,"product":860,"cpe_part":9,"purl_type":872,"purl_namespace":9,"purl_name":860,"source":9,"versions":873},"PyPI","pypi",[874],{"version":875,"is_range":866,"range_type":876,"version_start":9,"version_start_type":9,"version_end":877,"version_end_type":878,"fixed_in":9},"lt3_0_0","ecosystem","3.0.0","excluding"]