Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/openshift-origin-node-util@1.38.7.1-1?arch=el6op
Typerpm
Namespaceredhat
Nameopenshift-origin-node-util
Version1.38.7.1-1
Qualifiers
arch el6op
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-32uq-r1e7-3ub4
vulnerability_id VCID-32uq-r1e7-3ub4
summary 
InvokerTransformer code execution during deserialization
This package allows code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.
references
0
reference_url http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/
reference_id
reference_type
scores
url http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-2500.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2015-2500.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2015-2501.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2015-2501.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2015-2502.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2015-2502.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2015-2514.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2015-2514.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2015-2516.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2015-2516.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2015-2517.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2015-2517.html
7
reference_url http://rhn.redhat.com/errata/RHSA-2015-2521.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2015-2521.html
8
reference_url http://rhn.redhat.com/errata/RHSA-2015-2522.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2015-2522.html
9
reference_url http://rhn.redhat.com/errata/RHSA-2015-2524.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2015-2524.html
10
reference_url http://rhn.redhat.com/errata/RHSA-2015-2670.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2015-2670.html
11
reference_url http://rhn.redhat.com/errata/RHSA-2015-2671.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2015-2671.html
12
reference_url http://rhn.redhat.com/errata/RHSA-2016-0040.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2016-0040.html
13
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
14
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7501.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7501.json
15
reference_url https://access.redhat.com/security/vulnerabilities/2059393
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/vulnerabilities/2059393
16
reference_url https://access.redhat.com/solutions/2045023
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/solutions/2045023
17
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-7501
reference_id
reference_type
scores
0
value 0.71461
scoring_system epss
scoring_elements 0.98729
published_at 2026-04-16T12:55:00Z
1
value 0.71461
scoring_system epss
scoring_elements 0.98714
published_at 2026-04-01T12:55:00Z
2
value 0.71461
scoring_system epss
scoring_elements 0.98715
published_at 2026-04-02T12:55:00Z
3
value 0.71461
scoring_system epss
scoring_elements 0.98719
published_at 2026-04-04T12:55:00Z
4
value 0.71461
scoring_system epss
scoring_elements 0.98722
published_at 2026-04-09T12:55:00Z
5
value 0.71461
scoring_system epss
scoring_elements 0.98725
published_at 2026-04-12T12:55:00Z
6
value 0.71461
scoring_system epss
scoring_elements 0.98726
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-7501
18
reference_url https://arxiv.org/pdf/2306.05534.pdf
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://arxiv.org/pdf/2306.05534.pdf
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1279330
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1279330
20
reference_url https://commons.apache.org/proper/commons-collections/release_4_1.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://commons.apache.org/proper/commons-collections/release_4_1.html
21
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7501
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7501
22
reference_url https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability
23
reference_url https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/
reference_id
reference_type
scores
url https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/
24
reference_url https://github.com/apache/commons-collections
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/commons-collections
25
reference_url https://issues.apache.org/jira/browse/COLLECTIONS-580.
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/COLLECTIONS-580.
26
reference_url https://rhn.redhat.com/errata/RHSA-2015-2536.html
reference_id
reference_type
scores
url https://rhn.redhat.com/errata/RHSA-2015-2536.html
27
reference_url https://security.netapp.com/advisory/ntap-20240216-0010/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20240216-0010/
28
reference_url https://sourceforge.net/p/collections/code/HEAD/tree
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://sourceforge.net/p/collections/code/HEAD/tree
29
reference_url https://sourceforge.net/p/collections/code/HEAD/tree/
reference_id
reference_type
scores
url https://sourceforge.net/p/collections/code/HEAD/tree/
30
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id
reference_type
scores
url https://www.oracle.com/security-alerts/cpujul2020.html
31
reference_url http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
32
reference_url http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
33
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
34
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
35
reference_url http://www.securityfocus.com/bid/78215
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/78215
36
reference_url http://www.securitytracker.com/id/1034097
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1034097
37
reference_url http://www.securitytracker.com/id/1037052
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037052
38
reference_url http://www.securitytracker.com/id/1037053
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037053
39
reference_url http://www.securitytracker.com/id/1037640
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1037640
40
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:data_grid:6.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:data_grid:6.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:data_grid:6.0.0:*:*:*:*:*:*:*
41
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_a-mq:6.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_a-mq:6.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_a-mq:6.0.0:*:*:*:*:*:*:*
42
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_bpm_suite:6.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_bpm_suite:6.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_bpm_suite:6.0.0:*:*:*:*:*:*:*
43
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_data_virtualization:5.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_data_virtualization:5.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_data_virtualization:5.0.0:*:*:*:*:*:*:*
44
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_data_virtualization:6.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_data_virtualization:6.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_data_virtualization:6.0.0:*:*:*:*:*:*:*
45
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:4.3.0:*:*:*:*:*:*:*
46
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:5.0.0:*:*:*:*:*:*:*
47
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_application_platform:6.0.0:*:*:*:*:*:*:*
48
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_brms_platform:5.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_brms_platform:5.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_brms_platform:5.0.0:*:*:*:*:*:*:*
49
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_brms_platform:6.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_brms_platform:6.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_brms_platform:6.0.0:*:*:*:*:*:*:*
50
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_soa_platform:5.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_soa_platform:5.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_soa_platform:5.0.0:*:*:*:*:*:*:*
51
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_enterprise_web_server:3.0.0:*:*:*:*:*:*:*
52
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_fuse:6.0.0:*:*:*:*:*:*:*
53
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_fuse_service_works:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_fuse_service_works:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_fuse_service_works:6.0:*:*:*:*:*:*:*
54
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_operations_network:3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_operations_network:3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_operations_network:3.0:*:*:*:*:*:*:*
55
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_portal:6.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:jboss_portal:6.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:jboss_portal:6.0.0:*:*:*:*:*:*:*
56
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.0:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.0:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.0:*:*:*:enterprise:*:*:*
57
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:subscription_asset_manager:1.3.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:subscription_asset_manager:1.3.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:subscription_asset_manager:1.3.0:*:*:*:*:*:*:*
58
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:xpaas:3.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:xpaas:3.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:xpaas:3.0.0:*:*:*:*:*:*:*
59
reference_url https://github.com/jensdietrich/xshady-release/tree/main/CVE-2015-7501
reference_id CVE-2015-7501
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/jensdietrich/xshady-release/tree/main/CVE-2015-7501
60
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-7501
reference_id CVE-2015-7501
reference_type
scores
0
value 10.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:C/I:C/A:C
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-7501
61
reference_url https://github.com/advisories/GHSA-fjq5-5j5f-mvxh
reference_id GHSA-fjq5-5j5f-mvxh
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fjq5-5j5f-mvxh
62
reference_url https://access.redhat.com/errata/RHSA-2015:2500
reference_id RHSA-2015:2500
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2500
63
reference_url https://access.redhat.com/errata/RHSA-2015:2501
reference_id RHSA-2015:2501
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2501
64
reference_url https://access.redhat.com/errata/RHSA-2015:2502
reference_id RHSA-2015:2502
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2502
65
reference_url https://access.redhat.com/errata/RHSA-2015:2514
reference_id RHSA-2015:2514
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2514
66
reference_url https://access.redhat.com/errata/RHSA-2015:2516
reference_id RHSA-2015:2516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2516
67
reference_url https://access.redhat.com/errata/RHSA-2015:2517
reference_id RHSA-2015:2517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2517
68
reference_url https://access.redhat.com/errata/RHSA-2015:2521
reference_id RHSA-2015:2521
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2521
69
reference_url https://access.redhat.com/errata/RHSA-2015:2522
reference_id RHSA-2015:2522
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2522
70
reference_url https://access.redhat.com/errata/RHSA-2015:2523
reference_id RHSA-2015:2523
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2523
71
reference_url https://access.redhat.com/errata/RHSA-2015:2524
reference_id RHSA-2015:2524
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2524
72
reference_url https://access.redhat.com/errata/RHSA-2015:2534
reference_id RHSA-2015:2534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2534
73
reference_url https://access.redhat.com/errata/RHSA-2015:2535
reference_id RHSA-2015:2535
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2535
74
reference_url https://access.redhat.com/errata/RHSA-2015:2536
reference_id RHSA-2015:2536
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2536
75
reference_url https://access.redhat.com/errata/RHSA-2015:2537
reference_id RHSA-2015:2537
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2537
76
reference_url https://access.redhat.com/errata/RHSA-2015:2538
reference_id RHSA-2015:2538
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2538
77
reference_url https://access.redhat.com/errata/RHSA-2015:2539
reference_id RHSA-2015:2539
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2539
78
reference_url https://access.redhat.com/errata/RHSA-2015:2540
reference_id RHSA-2015:2540
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2540
79
reference_url https://access.redhat.com/errata/RHSA-2015:2541
reference_id RHSA-2015:2541
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2541
80
reference_url https://access.redhat.com/errata/RHSA-2015:2542
reference_id RHSA-2015:2542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2542
81
reference_url https://access.redhat.com/errata/RHSA-2015:2547
reference_id RHSA-2015:2547
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2547
82
reference_url https://access.redhat.com/errata/RHSA-2015:2548
reference_id RHSA-2015:2548
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2548
83
reference_url https://access.redhat.com/errata/RHSA-2015:2556
reference_id RHSA-2015:2556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2556
84
reference_url https://access.redhat.com/errata/RHSA-2015:2557
reference_id RHSA-2015:2557
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2557
85
reference_url https://access.redhat.com/errata/RHSA-2015:2559
reference_id RHSA-2015:2559
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2559
86
reference_url https://access.redhat.com/errata/RHSA-2015:2560
reference_id RHSA-2015:2560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2560
87
reference_url https://access.redhat.com/errata/RHSA-2015:2578
reference_id RHSA-2015:2578
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2578
88
reference_url https://access.redhat.com/errata/RHSA-2015:2579
reference_id RHSA-2015:2579
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2579
89
reference_url https://access.redhat.com/errata/RHSA-2015:2670
reference_id RHSA-2015:2670
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2670
90
reference_url https://access.redhat.com/errata/RHSA-2015:2671
reference_id RHSA-2015:2671
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2671
91
reference_url https://access.redhat.com/errata/RHSA-2016:0040
reference_id RHSA-2016:0040
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0040
92
reference_url https://access.redhat.com/errata/RHSA-2016:0118
reference_id RHSA-2016:0118
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0118
93
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
94
reference_url https://access.redhat.com/errata/RHSA-2020:4274
reference_id RHSA-2020:4274
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4274
fixed_packages
aliases CVE-2015-7501, GHSA-fjq5-5j5f-mvxh
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-32uq-r1e7-3ub4
1
url VCID-3bxq-vmjj-kqfe
vulnerability_id VCID-3bxq-vmjj-kqfe
summary org.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a "CN=" string in a field in the distinguished name (DN) of a certificate, as demonstrated by the "foo,CN=www.apache.org" string in the O field.
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00032.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00032.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00033.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00033.html
2
reference_url http://packetstormsecurity.com/files/127913/Apache-HttpComponents-Man-In-The-Middle.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/127913/Apache-HttpComponents-Man-In-The-Middle.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2014-1146.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1146.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2014-1166.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1166.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2014-1833.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1833.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2014-1834.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1834.html
7
reference_url http://rhn.redhat.com/errata/RHSA-2014-1835.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1835.html
8
reference_url http://rhn.redhat.com/errata/RHSA-2014-1836.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1836.html
9
reference_url http://rhn.redhat.com/errata/RHSA-2014-1891.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1891.html
10
reference_url http://rhn.redhat.com/errata/RHSA-2014-1892.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1892.html
11
reference_url http://rhn.redhat.com/errata/RHSA-2015-0125.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0125.html
12
reference_url http://rhn.redhat.com/errata/RHSA-2015-0158.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0158.html
13
reference_url http://rhn.redhat.com/errata/RHSA-2015-0675.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0675.html
14
reference_url http://rhn.redhat.com/errata/RHSA-2015-0720.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0720.html
15
reference_url http://rhn.redhat.com/errata/RHSA-2015-0765.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0765.html
16
reference_url http://rhn.redhat.com/errata/RHSA-2015-0850.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0850.html
17
reference_url http://rhn.redhat.com/errata/RHSA-2015-0851.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0851.html
18
reference_url http://rhn.redhat.com/errata/RHSA-2015-1176.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1176.html
19
reference_url http://rhn.redhat.com/errata/RHSA-2015-1177.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1177.html
20
reference_url http://rhn.redhat.com/errata/RHSA-2015-1888.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1888.html
21
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
22
reference_url http://rhn.redhat.com/errata/RHSA-2016-1931.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1931.html
23
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3577.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3577.json
24
reference_url https://access.redhat.com/solutions/1165533
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/solutions/1165533
25
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3577
reference_id
reference_type
scores
0
value 0.01368
scoring_system epss
scoring_elements 0.80233
published_at 2026-04-16T12:55:00Z
1
value 0.01368
scoring_system epss
scoring_elements 0.80152
published_at 2026-04-01T12:55:00Z
2
value 0.01368
scoring_system epss
scoring_elements 0.80159
published_at 2026-04-02T12:55:00Z
3
value 0.01368
scoring_system epss
scoring_elements 0.80179
published_at 2026-04-04T12:55:00Z
4
value 0.01368
scoring_system epss
scoring_elements 0.80167
published_at 2026-04-07T12:55:00Z
5
value 0.01368
scoring_system epss
scoring_elements 0.80195
published_at 2026-04-08T12:55:00Z
6
value 0.01368
scoring_system epss
scoring_elements 0.80204
published_at 2026-04-13T12:55:00Z
7
value 0.01368
scoring_system epss
scoring_elements 0.80223
published_at 2026-04-11T12:55:00Z
8
value 0.01368
scoring_system epss
scoring_elements 0.80209
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3577
26
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3577
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3577
27
reference_url http://seclists.org/fulldisclosure/2014/Aug/48
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2014/Aug/48
28
reference_url http://secunia.com/advisories/60466
reference_id
reference_type
scores
url http://secunia.com/advisories/60466
29
reference_url http://secunia.com/advisories/60589
reference_id
reference_type
scores
url http://secunia.com/advisories/60589
30
reference_url http://secunia.com/advisories/60713
reference_id
reference_type
scores
url http://secunia.com/advisories/60713
31
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/95327
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/95327
32
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
33
reference_url https://github.com/apache/httpcomponents-client
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/httpcomponents-client
34
reference_url https://github.com/apache/httpcomponents-client/commit/51cc67567765d67f878f0dcef61b5ded454d3122
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/httpcomponents-client/commit/51cc67567765d67f878f0dcef61b5ded454d3122
35
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05103564
reference_id
reference_type
scores
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05103564
36
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05363782
reference_id
reference_type
scores
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05363782
37
reference_url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
38
reference_url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E
39
reference_url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
40
reference_url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E
41
reference_url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
42
reference_url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E
43
reference_url https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E
44
reference_url https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf%40%3Ccommits.cxf.apache.org%3E
45
reference_url https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E
46
reference_url https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c%40%3Ccommits.cxf.apache.org%3E
47
reference_url https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E
48
reference_url https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6%40%3Ccommits.cxf.apache.org%3E
49
reference_url https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E
50
reference_url https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4%40%3Ccommits.cxf.apache.org%3E
51
reference_url https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E
52
reference_url https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e%40%3Ccommits.cxf.apache.org%3E
53
reference_url https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E
54
reference_url https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4%40%3Ccommits.cxf.apache.org%3E
55
reference_url https://security.netapp.com/advisory/ntap-20231027-0003
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20231027-0003
56
reference_url https://security.netapp.com/advisory/ntap-20231027-0003/
reference_id
reference_type
scores
url https://security.netapp.com/advisory/ntap-20231027-0003/
57
reference_url https://svn.apache.org/viewvc?view=revision&revision=1614064
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://svn.apache.org/viewvc?view=revision&revision=1614064
58
reference_url http://www.openwall.com/lists/oss-security/2021/10/06/1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/10/06/1
59
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
60
reference_url http://www.osvdb.org/110143
reference_id
reference_type
scores
url http://www.osvdb.org/110143
61
reference_url http://www.securityfocus.com/bid/69258
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/69258
62
reference_url http://www.securitytracker.com/id/1030812
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1030812
63
reference_url http://www.ubuntu.com/usn/USN-2769-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2769-1
64
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1129074
reference_id 1129074
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1129074
65
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758086
reference_id 758086
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758086
66
reference_url https://security.archlinux.org/AVG-2448
reference_id AVG-2448
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2448
67
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:httpasyncclient:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:httpasyncclient:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:httpasyncclient:*:*:*:*:*:*:*:*
68
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:httpclient:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:httpclient:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:httpclient:*:*:*:*:*:*:*:*
69
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3577
reference_id CVE-2014-3577
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-3577
70
reference_url https://github.com/advisories/GHSA-cfh5-3ghh-wfjx
reference_id GHSA-cfh5-3ghh-wfjx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-cfh5-3ghh-wfjx
71
reference_url https://access.redhat.com/errata/RHSA-2014:1082
reference_id RHSA-2014:1082
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1082
72
reference_url https://access.redhat.com/errata/RHSA-2014:1146
reference_id RHSA-2014:1146
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1146
73
reference_url https://access.redhat.com/errata/RHSA-2014:1162
reference_id RHSA-2014:1162
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1162
74
reference_url https://access.redhat.com/errata/RHSA-2014:1163
reference_id RHSA-2014:1163
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1163
75
reference_url https://access.redhat.com/errata/RHSA-2014:1166
reference_id RHSA-2014:1166
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1166
76
reference_url https://access.redhat.com/errata/RHSA-2014:1320
reference_id RHSA-2014:1320
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1320
77
reference_url https://access.redhat.com/errata/RHSA-2014:1321
reference_id RHSA-2014:1321
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1321
78
reference_url https://access.redhat.com/errata/RHSA-2014:1322
reference_id RHSA-2014:1322
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1322
79
reference_url https://access.redhat.com/errata/RHSA-2014:1323
reference_id RHSA-2014:1323
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1323
80
reference_url https://access.redhat.com/errata/RHSA-2014:1833
reference_id RHSA-2014:1833
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1833
81
reference_url https://access.redhat.com/errata/RHSA-2014:1834
reference_id RHSA-2014:1834
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1834
82
reference_url https://access.redhat.com/errata/RHSA-2014:1835
reference_id RHSA-2014:1835
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1835
83
reference_url https://access.redhat.com/errata/RHSA-2014:1836
reference_id RHSA-2014:1836
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1836
84
reference_url https://access.redhat.com/errata/RHSA-2014:1891
reference_id RHSA-2014:1891
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1891
85
reference_url https://access.redhat.com/errata/RHSA-2014:1892
reference_id RHSA-2014:1892
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1892
86
reference_url https://access.redhat.com/errata/RHSA-2014:1904
reference_id RHSA-2014:1904
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1904
87
reference_url https://access.redhat.com/errata/RHSA-2014:2019
reference_id RHSA-2014:2019
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:2019
88
reference_url https://access.redhat.com/errata/RHSA-2014:2020
reference_id RHSA-2014:2020
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:2020
89
reference_url https://access.redhat.com/errata/RHSA-2015:0125
reference_id RHSA-2015:0125
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0125
90
reference_url https://access.redhat.com/errata/RHSA-2015:0158
reference_id RHSA-2015:0158
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0158
91
reference_url https://access.redhat.com/errata/RHSA-2015:0234
reference_id RHSA-2015:0234
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0234
92
reference_url https://access.redhat.com/errata/RHSA-2015:0235
reference_id RHSA-2015:0235
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0235
93
reference_url https://access.redhat.com/errata/RHSA-2015:0675
reference_id RHSA-2015:0675
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0675
94
reference_url https://access.redhat.com/errata/RHSA-2015:0720
reference_id RHSA-2015:0720
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0720
95
reference_url https://access.redhat.com/errata/RHSA-2015:0765
reference_id RHSA-2015:0765
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0765
96
reference_url https://access.redhat.com/errata/RHSA-2015:0850
reference_id RHSA-2015:0850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0850
97
reference_url https://access.redhat.com/errata/RHSA-2015:0851
reference_id RHSA-2015:0851
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0851
98
reference_url https://access.redhat.com/errata/RHSA-2015:1009
reference_id RHSA-2015:1009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1009
99
reference_url https://access.redhat.com/errata/RHSA-2015:1176
reference_id RHSA-2015:1176
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1176
100
reference_url https://access.redhat.com/errata/RHSA-2015:1177
reference_id RHSA-2015:1177
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1177
101
reference_url https://access.redhat.com/errata/RHSA-2015:1888
reference_id RHSA-2015:1888
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1888
102
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
103
reference_url https://access.redhat.com/errata/RHSA-2016:1931
reference_id RHSA-2016:1931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1931
104
reference_url https://access.redhat.com/errata/RHSA-2022:0055
reference_id RHSA-2022:0055
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0055
105
reference_url https://usn.ubuntu.com/2769-1/
reference_id USN-2769-1
reference_type
scores
url https://usn.ubuntu.com/2769-1/
fixed_packages
aliases CVE-2014-3577, GHSA-cfh5-3ghh-wfjx
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3bxq-vmjj-kqfe
2
url VCID-3keu-g1gc-kyhf
vulnerability_id VCID-3keu-g1gc-kyhf
summary 
Information Exposure
Jenkins does not use a constant-time algorithm to verify CSRF tokens, which makes it easier for remote attackers to bypass a CSRF protection mechanism via a brute-force approach.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:0711
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0711
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0791.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0791.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0791
reference_id
reference_type
scores
0
value 0.00469
scoring_system epss
scoring_elements 0.64445
published_at 2026-04-01T12:55:00Z
1
value 0.00469
scoring_system epss
scoring_elements 0.64535
published_at 2026-04-08T12:55:00Z
2
value 0.00469
scoring_system epss
scoring_elements 0.6456
published_at 2026-04-16T12:55:00Z
3
value 0.00469
scoring_system epss
scoring_elements 0.64527
published_at 2026-04-13T12:55:00Z
4
value 0.00469
scoring_system epss
scoring_elements 0.64555
published_at 2026-04-12T12:55:00Z
5
value 0.00469
scoring_system epss
scoring_elements 0.64487
published_at 2026-04-07T12:55:00Z
6
value 0.00469
scoring_system epss
scoring_elements 0.64551
published_at 2026-04-09T12:55:00Z
7
value 0.00469
scoring_system epss
scoring_elements 0.64567
published_at 2026-04-11T12:55:00Z
8
value 0.00469
scoring_system epss
scoring_elements 0.645
published_at 2026-04-02T12:55:00Z
9
value 0.00469
scoring_system epss
scoring_elements 0.6453
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0791
4
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1311949
reference_id 1311949
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1311949
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:1.642.1:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:1.642.1:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:1.642.1:*:*:*:lts:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-0791
reference_id CVE-2016-0791
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-0791
10
reference_url https://github.com/advisories/GHSA-jmw7-ph6p-33cc
reference_id GHSA-jmw7-ph6p-33cc
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jmw7-ph6p-33cc
11
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
fixed_packages
aliases CVE-2016-0791, GHSA-jmw7-ph6p-33cc
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3keu-g1gc-kyhf
3
url VCID-4tt7-hwz7-nfhf
vulnerability_id VCID-4tt7-hwz7-nfhf
summary 
Jenkins allows Deserialization of Untrusted Data via an XML File
Multiple unspecified API endpoints in Jenkins before 1.650 and LTS before 1.642.2 allow remote authenticated users to execute arbitrary code via serialized data in an XML file, related to XStream and groovy.util.Expando.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:0711
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0711
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0792.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0792.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0792
reference_id
reference_type
scores
0
value 0.90851
scoring_system epss
scoring_elements 0.99628
published_at 2026-04-01T12:55:00Z
1
value 0.90851
scoring_system epss
scoring_elements 0.99631
published_at 2026-04-16T12:55:00Z
2
value 0.90851
scoring_system epss
scoring_elements 0.9963
published_at 2026-04-13T12:55:00Z
3
value 0.90851
scoring_system epss
scoring_elements 0.99629
published_at 2026-04-04T12:55:00Z
4
value 0.90851
scoring_system epss
scoring_elements 0.99627
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0792
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://github.com/jenkinsci/jenkins/commit/7f202f0317e60cd3160f61467b8558f864f83f41
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/7f202f0317e60cd3160f61467b8558f864f83f41
6
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
7
reference_url https://www.contrastsecurity.com/security-influencers/serialization-must-die-act-2-xstream
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.contrastsecurity.com/security-influencers/serialization-must-die-act-2-xstream
8
reference_url https://www.exploit-db.com/exploits/42394
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/42394
9
reference_url https://www.exploit-db.com/exploits/42394/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/42394/
10
reference_url https://www.exploit-db.com/exploits/43375
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/43375
11
reference_url https://www.exploit-db.com/exploits/43375/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/43375/
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1311950
reference_id 1311950
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1311950
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
16
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/remote/42394.py
reference_id CVE-2016-0792
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/remote/42394.py
17
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/43375.rb
reference_id CVE-2016-0792
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/43375.rb
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-0792
reference_id CVE-2016-0792
reference_type
scores
0
value 9.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:C/I:C/A:C
1
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-0792
19
reference_url https://raw.githubusercontent.com/rapid7/metasploit-framework/76823e9fe6e38e88c2a25bc5a13c6b2bec6aeeb2/modules/exploits/multi/http/jenkins_xstream_deserialize.rb
reference_id CVE-2016-0792
reference_type exploit
scores
url https://raw.githubusercontent.com/rapid7/metasploit-framework/76823e9fe6e38e88c2a25bc5a13c6b2bec6aeeb2/modules/exploits/multi/http/jenkins_xstream_deserialize.rb
20
reference_url https://github.com/advisories/GHSA-45rg-g72w-r393
reference_id GHSA-45rg-g72w-r393
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-45rg-g72w-r393
21
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
fixed_packages
aliases CVE-2016-0792, GHSA-45rg-g72w-r393
risk_score 10.0
exploitability 2.0
weighted_severity 8.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4tt7-hwz7-nfhf
4
url VCID-5tfj-bm2b-ffhm
vulnerability_id VCID-5tfj-bm2b-ffhm
summary 
Jenkins Exposes Sensitive Information via API URL
The API URL computer/(master)/api/xml in Jenkins before 2.3 and LTS before 1.651.2 allows remote authenticated users with extended read permission for the master node to obtain sensitive information about the global configuration via unspecified vectors.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:1206
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1206
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3727.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3727.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3727
reference_id
reference_type
scores
0
value 0.0009
scoring_system epss
scoring_elements 0.25476
published_at 2026-04-11T12:55:00Z
1
value 0.0009
scoring_system epss
scoring_elements 0.25539
published_at 2026-04-02T12:55:00Z
2
value 0.0009
scoring_system epss
scoring_elements 0.25387
published_at 2026-04-16T12:55:00Z
3
value 0.0009
scoring_system epss
scoring_elements 0.2538
published_at 2026-04-13T12:55:00Z
4
value 0.0009
scoring_system epss
scoring_elements 0.25434
published_at 2026-04-12T12:55:00Z
5
value 0.0009
scoring_system epss
scoring_elements 0.25576
published_at 2026-04-04T12:55:00Z
6
value 0.0009
scoring_system epss
scoring_elements 0.25473
published_at 2026-04-01T12:55:00Z
7
value 0.0009
scoring_system epss
scoring_elements 0.25464
published_at 2026-04-09T12:55:00Z
8
value 0.0009
scoring_system epss
scoring_elements 0.25417
published_at 2026-04-08T12:55:00Z
9
value 0.0009
scoring_system epss
scoring_elements 0.25349
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3727
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://github.com/jenkinsci/jenkins/commit/d66ad6f3ee46a5c6bb865bb831e8cdfc74cd7eb3
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/d66ad6f3ee46a5c6bb865bb831e8cdfc74cd7eb3
6
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
7
reference_url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1335422
reference_id 1335422
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1335422
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3727
reference_id CVE-2016-3727
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:N/A:N
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3727
14
reference_url https://github.com/advisories/GHSA-6cr3-cm5h-8q96
reference_id GHSA-6cr3-cm5h-8q96
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6cr3-cm5h-8q96
15
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
fixed_packages
aliases CVE-2016-3727, GHSA-6cr3-cm5h-8q96
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5tfj-bm2b-ffhm
5
url VCID-891k-xz71-guc5
vulnerability_id VCID-891k-xz71-guc5
summary 
Jenkins allows Execution of Code by Opening a JRMP Listener
The remoting module in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to execute arbitrary code by opening a JRMP listener.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:0711
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0711
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0788.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0788.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0788
reference_id
reference_type
scores
0
value 0.3743
scoring_system epss
scoring_elements 0.97182
published_at 2026-04-11T12:55:00Z
1
value 0.3743
scoring_system epss
scoring_elements 0.97178
published_at 2026-04-09T12:55:00Z
2
value 0.3743
scoring_system epss
scoring_elements 0.97177
published_at 2026-04-08T12:55:00Z
3
value 0.3743
scoring_system epss
scoring_elements 0.97154
published_at 2026-04-01T12:55:00Z
4
value 0.3743
scoring_system epss
scoring_elements 0.97167
published_at 2026-04-07T12:55:00Z
5
value 0.3743
scoring_system epss
scoring_elements 0.97191
published_at 2026-04-16T12:55:00Z
6
value 0.3743
scoring_system epss
scoring_elements 0.97183
published_at 2026-04-13T12:55:00Z
7
value 0.3743
scoring_system epss
scoring_elements 0.97161
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0788
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://github.com/jenkinsci/jenkins/commit/1ec232ca1c80e924d70212313b852aec408aa37e
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/1ec232ca1c80e924d70212313b852aec408aa37e
6
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1311946
reference_id 1311946
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1311946
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:1.642.1:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:1.642.1:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:1.642.1:*:*:*:lts:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-0788
reference_id CVE-2016-0788
reference_type
scores
0
value 10.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:C/I:C/A:C
1
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
2
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-0788
12
reference_url https://github.com/advisories/GHSA-j7q5-h445-f7pc
reference_id GHSA-j7q5-h445-f7pc
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-j7q5-h445-f7pc
13
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
fixed_packages
aliases CVE-2016-0788, GHSA-j7q5-h445-f7pc
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-891k-xz71-guc5
6
url VCID-8y2p-df9x-a7cp
vulnerability_id VCID-8y2p-df9x-a7cp
summary 
Permissions, Privileges, and Access Controls
Jenkins allows remote authenticated users with multiple accounts to cause a denial of service (unable to login) by editing the "full name".
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:1206
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1206
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3722.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3722.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3722
reference_id
reference_type
scores
0
value 0.00197
scoring_system epss
scoring_elements 0.41652
published_at 2026-04-13T12:55:00Z
1
value 0.00197
scoring_system epss
scoring_elements 0.41576
published_at 2026-04-01T12:55:00Z
2
value 0.00197
scoring_system epss
scoring_elements 0.41663
published_at 2026-04-02T12:55:00Z
3
value 0.00197
scoring_system epss
scoring_elements 0.41691
published_at 2026-04-04T12:55:00Z
4
value 0.00197
scoring_system epss
scoring_elements 0.41618
published_at 2026-04-07T12:55:00Z
5
value 0.00197
scoring_system epss
scoring_elements 0.41668
published_at 2026-04-08T12:55:00Z
6
value 0.00197
scoring_system epss
scoring_elements 0.41676
published_at 2026-04-09T12:55:00Z
7
value 0.00197
scoring_system epss
scoring_elements 0.41699
published_at 2026-04-16T12:55:00Z
8
value 0.00197
scoring_system epss
scoring_elements 0.41666
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3722
4
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
5
reference_url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1335416
reference_id 1335416
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1335416
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3722
reference_id CVE-2016-3722
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:N/I:N/A:P
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3722
12
reference_url https://github.com/advisories/GHSA-3857-xm38-jmq2
reference_id GHSA-3857-xm38-jmq2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3857-xm38-jmq2
13
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
fixed_packages
aliases CVE-2016-3722, GHSA-3857-xm38-jmq2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8y2p-df9x-a7cp
7
url VCID-b69p-t71y-hbhd
vulnerability_id VCID-b69p-t71y-hbhd
summary 
Jenkins affected by Open Redirect Vulnerability
Multiple open redirect vulnerabilities in Jenkins before 2.3 and LTS before 1.651.2 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors related to "scheme-relative" URLs.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:1206
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1206
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3726.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3726.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3726
reference_id
reference_type
scores
0
value 0.00081
scoring_system epss
scoring_elements 0.23738
published_at 2026-04-16T12:55:00Z
1
value 0.00081
scoring_system epss
scoring_elements 0.23751
published_at 2026-04-01T12:55:00Z
2
value 0.00081
scoring_system epss
scoring_elements 0.23867
published_at 2026-04-02T12:55:00Z
3
value 0.00081
scoring_system epss
scoring_elements 0.23908
published_at 2026-04-04T12:55:00Z
4
value 0.00081
scoring_system epss
scoring_elements 0.23697
published_at 2026-04-07T12:55:00Z
5
value 0.00081
scoring_system epss
scoring_elements 0.23767
published_at 2026-04-08T12:55:00Z
6
value 0.00081
scoring_system epss
scoring_elements 0.23814
published_at 2026-04-09T12:55:00Z
7
value 0.00081
scoring_system epss
scoring_elements 0.23828
published_at 2026-04-11T12:55:00Z
8
value 0.00081
scoring_system epss
scoring_elements 0.23784
published_at 2026-04-12T12:55:00Z
9
value 0.00081
scoring_system epss
scoring_elements 0.23727
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3726
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://github.com/jenkinsci/jenkins/commit/2ed0c046dfbb2003a17df27c53777e72c6eaff25
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/2ed0c046dfbb2003a17df27c53777e72c6eaff25
6
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
7
reference_url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1335421
reference_id 1335421
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1335421
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3726
reference_id CVE-2016-3726
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
1
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
2
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3726
14
reference_url https://github.com/advisories/GHSA-rx4r-gxpc-h85x
reference_id GHSA-rx4r-gxpc-h85x
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rx4r-gxpc-h85x
15
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
fixed_packages
aliases CVE-2016-3726, GHSA-rx4r-gxpc-h85x
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b69p-t71y-hbhd
8
url VCID-jaty-3r2s-pqc2
vulnerability_id VCID-jaty-3r2s-pqc2
summary 
Jenkins allows Remote Users to Inject Build Parameters
Jenkins before 2.3 and LTS before 1.651.2 might allow remote authenticated users to inject arbitrary build parameters into the build environment via environment variables.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-02T17:22:46Z/
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:1206
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-02T17:22:46Z/
url https://access.redhat.com/errata/RHSA-2016:1206
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3721.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3721.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3721
reference_id
reference_type
scores
0
value 0.00379
scoring_system epss
scoring_elements 0.59457
published_at 2026-04-16T12:55:00Z
1
value 0.00379
scoring_system epss
scoring_elements 0.59313
published_at 2026-04-01T12:55:00Z
2
value 0.00379
scoring_system epss
scoring_elements 0.59387
published_at 2026-04-02T12:55:00Z
3
value 0.00379
scoring_system epss
scoring_elements 0.59411
published_at 2026-04-04T12:55:00Z
4
value 0.00379
scoring_system epss
scoring_elements 0.59377
published_at 2026-04-07T12:55:00Z
5
value 0.00379
scoring_system epss
scoring_elements 0.59428
published_at 2026-04-08T12:55:00Z
6
value 0.00379
scoring_system epss
scoring_elements 0.59441
published_at 2026-04-09T12:55:00Z
7
value 0.00379
scoring_system epss
scoring_elements 0.5946
published_at 2026-04-11T12:55:00Z
8
value 0.00379
scoring_system epss
scoring_elements 0.59444
published_at 2026-04-12T12:55:00Z
9
value 0.00379
scoring_system epss
scoring_elements 0.59425
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3721
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://wiki.jenkins-ci.org/display/JENKINS/Plugins+affected+by+fix+for+SECURITY-170
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-02T17:22:46Z/
url https://wiki.jenkins-ci.org/display/JENKINS/Plugins+affected+by+fix+for+SECURITY-170
6
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-02T17:22:46Z/
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
7
reference_url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-02T17:22:46Z/
url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
8
reference_url http://www.openwall.com/lists/oss-security/2024/05/02/3
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-02T17:22:46Z/
url http://www.openwall.com/lists/oss-security/2024/05/02/3
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1335415
reference_id 1335415
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1335415
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3721
reference_id CVE-2016-3721
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:N/I:P/A:N
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
3
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
4
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3721
15
reference_url https://github.com/advisories/GHSA-qf2h-h3xq-j93j
reference_id GHSA-qf2h-h3xq-j93j
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qf2h-h3xq-j93j
16
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
fixed_packages
aliases CVE-2016-3721, GHSA-qf2h-h3xq-j93j
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jaty-3r2s-pqc2
9
url VCID-kt3k-9uyt-13d1
vulnerability_id VCID-kt3k-9uyt-13d1
summary 
Jenkins Exposes Sensitive Information from Job Configuration
Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with extended read access to obtain sensitive password information by reading a job configuration.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:1206
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1206
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3724.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3724.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3724
reference_id
reference_type
scores
0
value 0.00252
scoring_system epss
scoring_elements 0.48594
published_at 2026-04-16T12:55:00Z
1
value 0.00252
scoring_system epss
scoring_elements 0.48476
published_at 2026-04-01T12:55:00Z
2
value 0.00252
scoring_system epss
scoring_elements 0.48512
published_at 2026-04-02T12:55:00Z
3
value 0.00252
scoring_system epss
scoring_elements 0.48535
published_at 2026-04-04T12:55:00Z
4
value 0.00252
scoring_system epss
scoring_elements 0.48487
published_at 2026-04-07T12:55:00Z
5
value 0.00252
scoring_system epss
scoring_elements 0.48542
published_at 2026-04-08T12:55:00Z
6
value 0.00252
scoring_system epss
scoring_elements 0.48537
published_at 2026-04-09T12:55:00Z
7
value 0.00252
scoring_system epss
scoring_elements 0.48558
published_at 2026-04-11T12:55:00Z
8
value 0.00252
scoring_system epss
scoring_elements 0.48531
published_at 2026-04-12T12:55:00Z
9
value 0.00252
scoring_system epss
scoring_elements 0.48544
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3724
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
6
reference_url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1335418
reference_id 1335418
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1335418
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3724
reference_id CVE-2016-3724
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:N/A:N
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3724
13
reference_url https://github.com/advisories/GHSA-7vvj-qqvj-h8mc
reference_id GHSA-7vvj-qqvj-h8mc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7vvj-qqvj-h8mc
14
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
fixed_packages
aliases CVE-2016-3724, GHSA-7vvj-qqvj-h8mc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kt3k-9uyt-13d1
10
url VCID-p7v4-63fw-kqaj
vulnerability_id VCID-p7v4-63fw-kqaj
summary 
Information Exposure
Jenkins does not use a constant-time algorithm to verify API tokens, which makes it easier for remote attackers to determine API tokens via a brute-force approach.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:0711
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0711
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0790.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0790.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0790
reference_id
reference_type
scores
0
value 0.00212
scoring_system epss
scoring_elements 0.4382
published_at 2026-04-16T12:55:00Z
1
value 0.00212
scoring_system epss
scoring_elements 0.43775
published_at 2026-04-12T12:55:00Z
2
value 0.00212
scoring_system epss
scoring_elements 0.438
published_at 2026-04-04T12:55:00Z
3
value 0.00212
scoring_system epss
scoring_elements 0.43732
published_at 2026-04-07T12:55:00Z
4
value 0.00212
scoring_system epss
scoring_elements 0.43783
published_at 2026-04-08T12:55:00Z
5
value 0.00212
scoring_system epss
scoring_elements 0.43787
published_at 2026-04-09T12:55:00Z
6
value 0.00212
scoring_system epss
scoring_elements 0.43807
published_at 2026-04-11T12:55:00Z
7
value 0.00212
scoring_system epss
scoring_elements 0.43759
published_at 2026-04-13T12:55:00Z
8
value 0.00212
scoring_system epss
scoring_elements 0.43721
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0790
4
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1311948
reference_id 1311948
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1311948
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-0790
reference_id CVE-2016-0790
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
2
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-0790
10
reference_url https://github.com/advisories/GHSA-jgpr-qrw2-6gp3
reference_id GHSA-jgpr-qrw2-6gp3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jgpr-qrw2-6gp3
11
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
fixed_packages
aliases CVE-2016-0790, GHSA-jgpr-qrw2-6gp3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p7v4-63fw-kqaj
11
url VCID-puux-2z74-3yea
vulnerability_id VCID-puux-2z74-3yea
summary 
Information Exposure
Jenkins allows remote authenticated users with read access to obtain sensitive plugin installation information by leveraging missing permissions checks in unspecified XML/JSON API endpoints.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:1206
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1206
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3723.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3723.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3723
reference_id
reference_type
scores
0
value 0.00069
scoring_system epss
scoring_elements 0.21237
published_at 2026-04-16T12:55:00Z
1
value 0.00069
scoring_system epss
scoring_elements 0.21224
published_at 2026-04-01T12:55:00Z
2
value 0.00069
scoring_system epss
scoring_elements 0.2138
published_at 2026-04-02T12:55:00Z
3
value 0.00069
scoring_system epss
scoring_elements 0.21435
published_at 2026-04-04T12:55:00Z
4
value 0.00069
scoring_system epss
scoring_elements 0.21186
published_at 2026-04-07T12:55:00Z
5
value 0.00069
scoring_system epss
scoring_elements 0.21266
published_at 2026-04-08T12:55:00Z
6
value 0.00069
scoring_system epss
scoring_elements 0.21328
published_at 2026-04-09T12:55:00Z
7
value 0.00069
scoring_system epss
scoring_elements 0.21338
published_at 2026-04-11T12:55:00Z
8
value 0.00069
scoring_system epss
scoring_elements 0.21297
published_at 2026-04-12T12:55:00Z
9
value 0.00069
scoring_system epss
scoring_elements 0.21244
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3723
4
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
5
reference_url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1335417
reference_id 1335417
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1335417
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3723
reference_id CVE-2016-3723
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:N/A:N
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3723
12
reference_url https://github.com/advisories/GHSA-8572-5jrg-mx52
reference_id GHSA-8572-5jrg-mx52
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8572-5jrg-mx52
13
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
fixed_packages
aliases CVE-2016-3723, GHSA-8572-5jrg-mx52
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-puux-2z74-3yea
12
url VCID-y5vs-8bqz-sqf5
vulnerability_id VCID-y5vs-8bqz-sqf5
summary 
Jenkins has CRLF Injection Vulnerability in the CLI
CRLF injection vulnerability in the CLI command documentation in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:0711
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0711
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0789.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0789.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0789
reference_id
reference_type
scores
0
value 0.00148
scoring_system epss
scoring_elements 0.35297
published_at 2026-04-16T12:55:00Z
1
value 0.00148
scoring_system epss
scoring_elements 0.35135
published_at 2026-04-01T12:55:00Z
2
value 0.00148
scoring_system epss
scoring_elements 0.35336
published_at 2026-04-02T12:55:00Z
3
value 0.00148
scoring_system epss
scoring_elements 0.35363
published_at 2026-04-04T12:55:00Z
4
value 0.00148
scoring_system epss
scoring_elements 0.35246
published_at 2026-04-07T12:55:00Z
5
value 0.00148
scoring_system epss
scoring_elements 0.35292
published_at 2026-04-08T12:55:00Z
6
value 0.00148
scoring_system epss
scoring_elements 0.35315
published_at 2026-04-09T12:55:00Z
7
value 0.00148
scoring_system epss
scoring_elements 0.35318
published_at 2026-04-11T12:55:00Z
8
value 0.00148
scoring_system epss
scoring_elements 0.35282
published_at 2026-04-12T12:55:00Z
9
value 0.00148
scoring_system epss
scoring_elements 0.35258
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0789
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://github.com/jenkinsci/jenkins/commit/f5c51fbad2b62b81dc1e0402aeee058a4a478046
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/f5c51fbad2b62b81dc1e0402aeee058a4a478046
6
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1311947
reference_id 1311947
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1311947
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-0789
reference_id CVE-2016-0789
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
2
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-0789
12
reference_url https://github.com/advisories/GHSA-8p3c-m625-wh83
reference_id GHSA-8p3c-m625-wh83
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8p3c-m625-wh83
13
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
fixed_packages
aliases CVE-2016-0789, GHSA-8p3c-m625-wh83
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y5vs-8bqz-sqf5
13
url VCID-yvec-gpmh-73hq
vulnerability_id VCID-yvec-gpmh-73hq
summary 
Permissions, Privileges, and Access Controls
Jenkins allows remote authenticated users to trigger updating of update site metadata by leveraging a missing permission check.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:1206
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1206
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3725.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3725.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3725
reference_id
reference_type
scores
0
value 0.00162
scoring_system epss
scoring_elements 0.37148
published_at 2026-04-16T12:55:00Z
1
value 0.00162
scoring_system epss
scoring_elements 0.37062
published_at 2026-04-01T12:55:00Z
2
value 0.00162
scoring_system epss
scoring_elements 0.37228
published_at 2026-04-02T12:55:00Z
3
value 0.00162
scoring_system epss
scoring_elements 0.37255
published_at 2026-04-04T12:55:00Z
4
value 0.00162
scoring_system epss
scoring_elements 0.37087
published_at 2026-04-07T12:55:00Z
5
value 0.00162
scoring_system epss
scoring_elements 0.37138
published_at 2026-04-08T12:55:00Z
6
value 0.00162
scoring_system epss
scoring_elements 0.37152
published_at 2026-04-09T12:55:00Z
7
value 0.00162
scoring_system epss
scoring_elements 0.37162
published_at 2026-04-11T12:55:00Z
8
value 0.00162
scoring_system epss
scoring_elements 0.37128
published_at 2026-04-12T12:55:00Z
9
value 0.00162
scoring_system epss
scoring_elements 0.371
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3725
4
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
5
reference_url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1335420
reference_id 1335420
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1335420
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3725
reference_id CVE-2016-3725
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3725
12
reference_url https://github.com/advisories/GHSA-59fm-6x3q-q3q5
reference_id GHSA-59fm-6x3q-q3q5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-59fm-6x3q-q3q5
13
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
fixed_packages
aliases CVE-2016-3725, GHSA-59fm-6x3q-q3q5
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yvec-gpmh-73hq
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openshift-origin-node-util@1.38.7.1-1%3Farch=el6op