Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/120830?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/120830?format=api", "purl": "pkg:rpm/redhat/rubygem-rack@1:1.3.0-4?arch=el6op", "type": "rpm", "namespace": "redhat", "name": "rubygem-rack", "version": "1:1.3.0-4", "qualifiers": { "arch": "el6op" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86068?format=api", "vulnerability_id": "VCID-1r79-ts6t-hufh", "summary": "Enterprise: gears fail to properly isolate network traffic", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1796.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1796.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1906.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1906.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3674.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3674.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3674", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.004", "scoring_system": "epss", "scoring_elements": "0.60738", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.004", "scoring_system": "epss", "scoring_elements": "0.60582", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.004", "scoring_system": "epss", "scoring_elements": "0.60657", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.004", "scoring_system": "epss", "scoring_elements": "0.60685", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.004", "scoring_system": "epss", "scoring_elements": "0.60655", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.004", "scoring_system": "epss", "scoring_elements": "0.60703", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.004", "scoring_system": "epss", "scoring_elements": "0.60719", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.004", "scoring_system": "epss", "scoring_elements": "0.60743", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.004", "scoring_system": "epss", "scoring_elements": "0.6073", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.004", "scoring_system": "epss", "scoring_elements": "0.60711", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.004", "scoring_system": "epss", "scoring_elements": "0.60754", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.004", "scoring_system": "epss", "scoring_elements": "0.6076", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.004", "scoring_system": "epss", "scoring_elements": "0.60745", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.004", "scoring_system": "epss", "scoring_elements": "0.60733", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.004", "scoring_system": "epss", "scoring_elements": "0.60746", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3674" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1148170", "reference_id": "1148170", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1148170" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0.1:*:enterprise:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.0.1:*:enterprise:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0.1:*:enterprise:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0.2:*:enterprise:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.0.2:*:enterprise:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0.2:*:enterprise:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0.3:*:enterprise:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.0.3:*:enterprise:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0.3:*:enterprise:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0.4:*:enterprise:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.0.4:*:enterprise:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0.4:*:enterprise:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0.5:*:enterprise:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.0.5:*:enterprise:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0.5:*:enterprise:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0.6:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.0.6:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0.6:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1.1:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.1.1:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1.1:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1.2:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.1.2:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1.2:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1.3:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.1.3:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1.3:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1.4:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.1.4:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1.4:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1.5:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.1.5:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1.5:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1.6:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.1.6:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1.6:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1.7:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.1.7:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1.7:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.1:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3674", "reference_id": "CVE-2014-3674", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3674" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1796", "reference_id": "RHSA-2014:1796", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1796" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1906", "reference_id": "RHSA-2014:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1906" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3674" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1r79-ts6t-hufh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6771?format=api", "vulnerability_id": "VCID-35e6-cpn8-w7h1", "summary": "Symlink path traversal in Rack::File\nAffected versions allows attackers to access arbitrary files outside the intended root directory via a crafted PATH_INFO environment variable, probably a directory traversal vulnerability that is remotely exploitable, aka \"symlink path traversals.\"", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html" }, { "reference_url": "http://rack.github.com/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rack.github.com/" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0262.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0262.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0262", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01256", "scoring_system": "epss", "scoring_elements": "0.79407", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01256", "scoring_system": "epss", "scoring_elements": "0.79409", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01256", "scoring_system": "epss", "scoring_elements": "0.79377", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01256", "scoring_system": "epss", "scoring_elements": "0.79388", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01256", "scoring_system": "epss", "scoring_elements": "0.79403", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01256", "scoring_system": "epss", "scoring_elements": "0.7938", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01256", "scoring_system": "epss", "scoring_elements": "0.79371", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01256", "scoring_system": "epss", "scoring_elements": "0.79345", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01256", "scoring_system": "epss", "scoring_elements": "0.79359", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01256", "scoring_system": "epss", "scoring_elements": "0.79329", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01256", "scoring_system": "epss", "scoring_elements": "0.79335", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01263", "scoring_system": "epss", "scoring_elements": "0.79525", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01263", "scoring_system": "epss", "scoring_elements": "0.79472", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01263", "scoring_system": "epss", "scoring_elements": "0.79503", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01263", "scoring_system": "epss", "scoring_elements": "0.7951", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0262" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=909071", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=909071" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=909072", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=909072" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0262", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0262" }, { "reference_url": "http://secunia.com/advisories/52033", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/52033" }, { "reference_url": "https://gist.github.com/rentzsch/4736940", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://gist.github.com/rentzsch/4736940" }, { "reference_url": "https://github.com/rack/rack", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rack/rack" }, { "reference_url": "https://github.com/rack/rack/blob/master/lib/rack/file.rb#L56", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rack/rack/blob/master/lib/rack/file.rb#L56" }, { "reference_url": "https://github.com/rack/rack/commit/6f237e4c9fab649d3750482514f0fde76c56ab30", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rack/rack/commit/6f237e4c9fab649d3750482514f0fde76c56ab30" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2013-0262.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2013-0262.yml" }, { "reference_url": "https://groups.google.com/forum/#%21msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#%21msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ" }, { "reference_url": "https://groups.google.com/forum/#%21msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#%21msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ" }, { "reference_url": "https://groups.google.com/forum/#!msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/#!msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ" }, { "reference_url": "https://groups.google.com/forum/#!msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/#!msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0262", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0262" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700173", "reference_id": "700173", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700173" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://github.com/advisories/GHSA-85r7-w5mv-c849", "reference_id": "GHSA-85r7-w5mv-c849", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-85r7-w5mv-c849" }, { "reference_url": "https://security.gentoo.org/glsa/201405-10", "reference_id": "GLSA-201405-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201405-10" } ], "fixed_packages": [], "aliases": [ "CVE-2013-0262", "GHSA-85r7-w5mv-c849", "OSV-89938" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-35e6-cpn8-w7h1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/14343?format=api", "vulnerability_id": "VCID-59k5-93zx-17dn", "summary": "Jenkins allows Remote Users to Build Arbitrary Jobs\nUnspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to build arbitrary jobs via unknown attack vectors.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0638.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0638.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0330.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0330.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0330", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53298", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53288", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53316", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53337", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53331", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53293", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.5326", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53261", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53211", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53235", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.5331", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53326", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53275", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.5328", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.003", "scoring_system": "epss", "scoring_elements": "0.53228", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0330" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=914878", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=914878" }, { "reference_url": "https://github.com/jenkinsci/jenkins", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins" }, { "reference_url": "https://web.archive.org/web/20200229023853/http://www.securityfocus.com/bid/57994", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200229023853/http://www.securityfocus.com/bid/57994" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16" }, { "reference_url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/02/21/7", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2013/02/21/7" }, { "reference_url": "http://www.securityfocus.com/bid/57994", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/57994" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0330", "reference_id": "CVE-2013-0330", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:N/I:P/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0330" }, { "reference_url": "https://github.com/advisories/GHSA-25c5-58xw-hw5q", "reference_id": "GHSA-25c5-58xw-hw5q", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-25c5-58xw-hw5q" } ], "fixed_packages": [], "aliases": [ "CVE-2013-0330", "GHSA-25c5-58xw-hw5q" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-59k5-93zx-17dn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86161?format=api", "vulnerability_id": "VCID-5ey2-dm5w-y7a6", "summary": "OpenShift: /proc/net/tcp information disclosure", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1796.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1796.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2014-1906.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rhn.redhat.com/errata/RHSA-2014-1906.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3602.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3602.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3602", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15012", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.1515", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15191", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15259", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15061", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15149", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.152", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.1517", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15132", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15068", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.14967", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.14977", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15028", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15067", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00049", "scoring_system": "epss", "scoring_elements": "0.15069", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3602" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1131680", "reference_id": "1131680", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1131680" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0.1:*:enterprise:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.0.1:*:enterprise:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0.1:*:enterprise:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0.2:*:enterprise:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.0.2:*:enterprise:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0.2:*:enterprise:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0.3:*:enterprise:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.0.3:*:enterprise:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0.3:*:enterprise:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0.4:*:enterprise:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.0.4:*:enterprise:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0.4:*:enterprise:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0.5:*:enterprise:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.0.5:*:enterprise:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0.5:*:enterprise:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0.6:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.0.6:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0.6:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1.1:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.1.1:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1.1:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1.2:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.1.2:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1.2:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1.3:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.1.3:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1.3:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1.4:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.1.4:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1.4:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1.5:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.1.5:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1.5:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1.6:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.1.6:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1.6:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1.7:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.1.7:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1.7:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:2.1:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.1:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3602", "reference_id": "CVE-2014-3602", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:P/I:N/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3602" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1796", "reference_id": "RHSA-2014:1796", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1796" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2014:1906", "reference_id": "RHSA-2014:1906", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2014:1906" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3602" ], "risk_score": 0.9, "exploitability": "0.5", "weighted_severity": "1.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5ey2-dm5w-y7a6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/14340?format=api", "vulnerability_id": "VCID-9wdu-x7wy-tkf4", "summary": "Cross-Site Request Forgery (CSRF)\nCVE-2013-0328 jenkins: XSS", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0638.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0638.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0328.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0328.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0328", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30342", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30735", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.3076", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.3074", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30706", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30542", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30425", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30742", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30868", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30914", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30733", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30792", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30824", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.30825", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00118", "scoring_system": "epss", "scoring_elements": "0.3078", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0328" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=914876", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=914876" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16" }, { "reference_url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/02/21/7", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2013/02/21/7" }, { "reference_url": "http://www.securityfocus.com/bid/57994", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/57994" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2013-0328", "reference_id": "CVE-2013-0328", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2013-0328" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0328", "reference_id": "CVE-2013-0328", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0328" }, { "reference_url": "https://github.com/advisories/GHSA-q5f8-fxrx-pw6f", "reference_id": "GHSA-q5f8-fxrx-pw6f", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-q5f8-fxrx-pw6f" } ], "fixed_packages": [], "aliases": [ "CVE-2013-0328", "GHSA-q5f8-fxrx-pw6f" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9wdu-x7wy-tkf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55340?format=api", "vulnerability_id": "VCID-c883-yge1-yygb", "summary": "openshift-origin-node Improper Input Validation vulnerability\nRuby gem openshift-origin-node before 2014-02-14 does not contain a cronjob timeout which could result in a denial of service in cron.daily and cron.weekly.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2014:0487", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHBA-2014:0487" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0084.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0084.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2014-0084", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2014-0084" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0084", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31064", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.30858", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31428", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31249", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31302", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31332", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31337", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31293", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.3125", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31284", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31264", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31237", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31246", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.30941", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00122", "scoring_system": "epss", "scoring_elements": "0.31387", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0084" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065198", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1065198" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0084", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "" }, { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-0084" }, { "reference_url": "https://github.com/openshift/origin-server", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openshift/origin-server" }, { "reference_url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/openshift-origin-node/CVE-2014-0084.yml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/openshift-origin-node/CVE-2014-0084.yml" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0084", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-0084" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_origin:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift_origin:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_origin:*:*:*:*:*:*:*:*" }, { "reference_url": "https://github.com/advisories/GHSA-756m-3qf2-hp58", "reference_id": "GHSA-756m-3qf2-hp58", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-756m-3qf2-hp58" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0084", "GHSA-756m-3qf2-hp58" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c883-yge1-yygb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/14354?format=api", "vulnerability_id": "VCID-ka2b-nyb7-s3c7", "summary": "Cross-Site Request Forgery (CSRF)\nUnspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to bypass the CSRF protection mechanism via unknown attack vectors.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0638.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0638.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0638", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2013:0638" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0329.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0329.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0329", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42464", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42658", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42641", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42701", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42688", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42624", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42548", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42549", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42569", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.4264", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42668", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42608", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.4266", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42671", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00205", "scoring_system": "epss", "scoring_elements": "0.42694", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0329" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=914877", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=914877" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16" }, { "reference_url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/02/21/7", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2013/02/21/7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2013-0329", "reference_id": "CVE-2013-0329", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2013-0329" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0329", "reference_id": "CVE-2013-0329", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0329" }, { "reference_url": "https://github.com/advisories/GHSA-78cj-2m29-q5r9", "reference_id": "GHSA-78cj-2m29-q5r9", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-78cj-2m29-q5r9" } ], "fixed_packages": [], "aliases": [ "CVE-2013-0329", "GHSA-78cj-2m29-q5r9" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ka2b-nyb7-s3c7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/14367?format=api", "vulnerability_id": "VCID-kwt4-b76w-tfas", "summary": "Cross-Site Request Forgery (CSRF)\nCross-site request forgery (CSRF) vulnerability in Jenkins master in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to hijack the authentication of users via unknown vectors.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0638.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0638.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0638", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2013:0638" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0327.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0327.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0327", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.46981", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47053", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47027", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47034", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.4709", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47086", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47035", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47022", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.46976", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47012", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47031", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.46979", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47033", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47029", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0327" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=914875", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=914875" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16" }, { "reference_url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/02/21/7", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2013/02/21/7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2013-0327", "reference_id": "CVE-2013-0327", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2013-0327" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0327", "reference_id": "CVE-2013-0327", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:P/I:P/A:P" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0327" }, { "reference_url": "https://github.com/advisories/GHSA-rqhg-cxfr-8xqw", "reference_id": "GHSA-rqhg-cxfr-8xqw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-rqhg-cxfr-8xqw" } ], "fixed_packages": [], "aliases": [ "CVE-2013-0327", "GHSA-rqhg-cxfr-8xqw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kwt4-b76w-tfas" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/14347?format=api", "vulnerability_id": "VCID-ntb4-3udv-s7fv", "summary": "Jenkins Vulnerable to Denial of Service (DoS) via Crafted Payload\nJenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to cause a denial of service via a crafted payload.", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0638.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0638.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0331.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0331.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0331", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60374", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60359", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60383", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60394", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60386", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60297", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60362", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60221", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60323", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60344", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60363", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60377", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60356", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.6034", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00395", "scoring_system": "epss", "scoring_elements": "0.60291", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0331" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=914879", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=914879" }, { "reference_url": "https://github.com/jenkinsci/jenkins", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins" }, { "reference_url": "https://web.archive.org/web/20200229023853/http://www.securityfocus.com/bid/57994", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20200229023853/http://www.securityfocus.com/bid/57994" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16" }, { "reference_url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/02/21/7", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2013/02/21/7" }, { "reference_url": "http://www.securityfocus.com/bid/57994", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/57994" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0331", "reference_id": "CVE-2013-0331", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:N/I:N/A:P" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0331" }, { "reference_url": "https://github.com/advisories/GHSA-5c56-g5cq-4gj9", "reference_id": "GHSA-5c56-g5cq-4gj9", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5c56-g5cq-4gj9" } ], "fixed_packages": [], "aliases": [ "CVE-2013-0331", "GHSA-5c56-g5cq-4gj9" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ntb4-3udv-s7fv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57793?format=api", "vulnerability_id": "VCID-rrwv-dzq7-9ybd", "summary": "Jenkins Cross-Site Request Forgery vulnerabilities\nMultiple cross-site request forgery (CSRF) vulnerabilities in Jenkins before 1.514, LTS before 1.509.1, and Enterprise 1.466.x before 1.466.14.1 and 1.480.x before 1.480.4.1 allow remote attackers to hijack the authentication of administrators for requests that (1) execute arbitrary code or (2) initiate deployment of binaries to a Maven repository via unspecified vectors.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHEA-2013:1032", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHEA-2013:1032" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2034.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2034.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2013-2034", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2013-2034" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2034", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.56023", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.5611", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.56093", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.56128", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.5613", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.561", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.56026", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.56047", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.55955", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.56066", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.56086", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.56065", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.56117", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.56122", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00332", "scoring_system": "epss", "scoring_elements": "0.56133", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2034" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=958958", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=958958" }, { "reference_url": "https://issues.jenkins-ci.org/browse/SECURITY-63", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.jenkins-ci.org/browse/SECURITY-63" }, { "reference_url": "https://issues.jenkins-ci.org/browse/SECURITY-69", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.jenkins-ci.org/browse/SECURITY-69" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2034", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2034" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-05-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-05-02" }, { "reference_url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb" }, { "reference_url": "https://github.com/advisories/GHSA-fg4r-f9j2-36mw", "reference_id": "GHSA-fg4r-f9j2-36mw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fg4r-f9j2-36mw" } ], "fixed_packages": [], "aliases": [ "CVE-2013-2034", "GHSA-fg4r-f9j2-36mw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rrwv-dzq7-9ybd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86211?format=api", "vulnerability_id": "VCID-s2ka-cp49-q3hz", "summary": "mcollective: default password set at install", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0175.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0175.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0175", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65094", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65144", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65169", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65135", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65185", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65197", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65216", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65203", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65175", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.6521", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.6522", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65229", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00483", "scoring_system": "epss", "scoring_elements": "0.65228", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0175" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1086381", "reference_id": "1086381", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1086381" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0175" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s2ka-cp49-q3hz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86283?format=api", "vulnerability_id": "VCID-vnm4-gfjh-8qa7", "summary": "openshift-origin-broker: default password creation", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0234.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0234.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0234", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08806", "scoring_system": "epss", "scoring_elements": "0.92488", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08806", "scoring_system": "epss", "scoring_elements": "0.92494", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08806", "scoring_system": "epss", "scoring_elements": "0.92503", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08806", "scoring_system": "epss", "scoring_elements": "0.92505", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08806", "scoring_system": "epss", "scoring_elements": "0.92517", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08806", "scoring_system": "epss", "scoring_elements": "0.92522", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08806", "scoring_system": "epss", "scoring_elements": "0.92528", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.08806", "scoring_system": "epss", "scoring_elements": "0.92529", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08806", "scoring_system": "epss", "scoring_elements": "0.92539", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.08806", "scoring_system": "epss", "scoring_elements": "0.92542", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.08806", "scoring_system": "epss", "scoring_elements": "0.92543", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.08806", "scoring_system": "epss", "scoring_elements": "0.92544", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.08806", "scoring_system": "epss", "scoring_elements": "0.92541", "published_at": "2026-04-29T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-0234" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1097008", "reference_id": "1097008", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1097008" } ], "fixed_packages": [], "aliases": [ "CVE-2014-0234" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vnm4-gfjh-8qa7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/86781?format=api", "vulnerability_id": "VCID-xenc-mfdw-mucm", "summary": "stapler-adjunct-zeroclipboard: XSS via copying XSS payload into buffer", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1808.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-1808.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1808", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01651", "scoring_system": "epss", "scoring_elements": "0.81947", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01651", "scoring_system": "epss", "scoring_elements": "0.81959", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01651", "scoring_system": "epss", "scoring_elements": "0.81982", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01651", "scoring_system": "epss", "scoring_elements": "0.81978", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01651", "scoring_system": "epss", "scoring_elements": "0.82005", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01651", "scoring_system": "epss", "scoring_elements": "0.82013", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01651", "scoring_system": "epss", "scoring_elements": "0.82032", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01651", "scoring_system": "epss", "scoring_elements": "0.82022", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01856", "scoring_system": "epss", "scoring_elements": "0.83067", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01856", "scoring_system": "epss", "scoring_elements": "0.83108", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01856", "scoring_system": "epss", "scoring_elements": "0.83029", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01856", "scoring_system": "epss", "scoring_elements": "0.83101", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01856", "scoring_system": "epss", "scoring_elements": "0.8307", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01856", "scoring_system": "epss", "scoring_elements": "0.83093", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1808" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1808", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1808" }, { "reference_url": "http://seclists.org/fulldisclosure/2013/Apr/87", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/fulldisclosure/2013/Apr/87" }, { "reference_url": "http://seclists.org/fulldisclosure/2013/Apr/88", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/fulldisclosure/2013/Apr/88" }, { "reference_url": "http://seclists.org/fulldisclosure/2013/Feb/103", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/fulldisclosure/2013/Feb/103" }, { "reference_url": "http://seclists.org/fulldisclosure/2013/Feb/109", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/fulldisclosure/2013/Feb/109" }, { "reference_url": "http://seclists.org/fulldisclosure/2013/Mar/5", "reference_id": "", "reference_type": "", "scores": [], "url": "http://seclists.org/fulldisclosure/2013/Mar/5" }, { "reference_url": "http://securityvulns.ru/docs29103.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securityvulns.ru/docs29103.html" }, { "reference_url": "http://securityvulns.ru/docs29104.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securityvulns.ru/docs29104.html" }, { "reference_url": "http://securityvulns.ru/docs29105.html", "reference_id": "", "reference_type": "", "scores": [], "url": "http://securityvulns.ru/docs29105.html" }, { "reference_url": "https://github.com/jonrohan/ZeroClipboard/blob/master/docs/releases.md#zeroclipboard-108", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jonrohan/ZeroClipboard/blob/master/docs/releases.md#zeroclipboard-108" }, { "reference_url": "https://github.com/jonrohan/ZeroClipboard/commit/a0e02933f5f7ce5f364fbad36a005f0a349f0696", "reference_id": "", "reference_type": "", "scores": [], "url": "https://github.com/jonrohan/ZeroClipboard/commit/a0e02933f5f7ce5f364fbad36a005f0a349f0696" }, { "reference_url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/03/03/3", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2013/03/03/3" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/03/10/2", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2013/03/10/2" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/03/25/1", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2013/03/25/1" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2013/03/26/8", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.openwall.com/lists/oss-security/2013/03/26/8" }, { "reference_url": "http://www.securityfocus.com/bid/58257", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.securityfocus.com/bid/58257" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=918054", "reference_id": "918054", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=918054" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zeroclipboard_project:zeroclipboard:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:zeroclipboard_project:zeroclipboard:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zeroclipboard_project:zeroclipboard:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zeroclipboard_project:zeroclipboard:1.0.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:zeroclipboard_project:zeroclipboard:1.0.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zeroclipboard_project:zeroclipboard:1.0.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1808", "reference_id": "CVE-2013-1808", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-1808" } ], "fixed_packages": [], "aliases": [ "CVE-2013-1808" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xenc-mfdw-mucm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/6770?format=api", "vulnerability_id": "VCID-y12d-fjpf-uubh", "summary": "Timing attack against Rack::Session::Cookie\nAffected versions allows remote attackers to guess the session cookie, gain privileges, and execute arbitrary code via a timing attack involving am HMAC comparison function that does not run in constant time.", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html" }, { "reference_url": "http://rack.github.com/", "reference_id": "", "reference_type": "", "scores": [], "url": "http://rack.github.com/" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0686.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0686.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0263.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0263.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0263", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.08626", "scoring_system": "epss", "scoring_elements": "0.9245", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.08626", "scoring_system": "epss", "scoring_elements": "0.92439", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.08626", "scoring_system": "epss", "scoring_elements": "0.92441", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.08626", "scoring_system": "epss", "scoring_elements": "0.92438", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.08626", "scoring_system": "epss", "scoring_elements": "0.92432", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.08626", "scoring_system": "epss", "scoring_elements": "0.92428", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.08626", "scoring_system": "epss", "scoring_elements": "0.92416", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.08626", "scoring_system": "epss", "scoring_elements": "0.92413", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.08626", "scoring_system": "epss", "scoring_elements": "0.92398", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.08626", "scoring_system": "epss", "scoring_elements": "0.92405", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.08626", "scoring_system": "epss", "scoring_elements": "0.92449", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.16071", "scoring_system": "epss", "scoring_elements": "0.94805", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.16071", "scoring_system": "epss", "scoring_elements": "0.94801", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.16071", "scoring_system": "epss", "scoring_elements": "0.94802", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.16071", "scoring_system": "epss", "scoring_elements": "0.94804", "published_at": "2026-04-26T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0263" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=909071", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=909071" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0263", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0263" }, { "reference_url": "http://secunia.com/advisories/52033", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/52033" }, { "reference_url": "http://secunia.com/advisories/52134", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/52134" }, { "reference_url": "http://secunia.com/advisories/52774", "reference_id": "", "reference_type": "", "scores": [], "url": "http://secunia.com/advisories/52774" }, { "reference_url": "https://gist.github.com/codahale/f9f3781f7b54985bee94", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://gist.github.com/codahale/f9f3781f7b54985bee94" }, { "reference_url": "https://github.com/rack/rack", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rack/rack" }, { "reference_url": "https://github.com/rack/rack/commit/0cd7e9aa397f8ebb3b8481d67dbac8b4863a7f07", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rack/rack/commit/0cd7e9aa397f8ebb3b8481d67dbac8b4863a7f07" }, { "reference_url": "https://github.com/rack/rack/commit/9a81b961457805f6d1a5c275d053068440421e11", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/rack/rack/commit/9a81b961457805f6d1a5c275d053068440421e11" }, { "reference_url": "https://groups.google.com/d/msg/rack-devel/xKrHVWeNvDM/4ZGA576CnK4J", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/d/msg/rack-devel/xKrHVWeNvDM/4ZGA576CnK4J" }, { "reference_url": "https://groups.google.com/forum/#%21msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#%21msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ" }, { "reference_url": "https://groups.google.com/forum/#%21msg/rack-devel/hz-liLb9fKE/8jvVWU6xYiYJ", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#%21msg/rack-devel/hz-liLb9fKE/8jvVWU6xYiYJ" }, { "reference_url": "https://groups.google.com/forum/#%21msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#%21msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ" }, { "reference_url": "https://groups.google.com/forum/#%21msg/rack-devel/RnQxm6i13C4/xfakH81yWvgJ", "reference_id": "", "reference_type": "", "scores": [], "url": "https://groups.google.com/forum/#%21msg/rack-devel/RnQxm6i13C4/xfakH81yWvgJ" }, { "reference_url": "https://groups.google.com/forum/#!msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/#!msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ" }, { "reference_url": "https://groups.google.com/forum/#!msg/rack-devel/hz-liLb9fKE/8jvVWU6xYiYJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/#!msg/rack-devel/hz-liLb9fKE/8jvVWU6xYiYJ" }, { "reference_url": "https://groups.google.com/forum/#!msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/#!msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ" }, { "reference_url": "https://groups.google.com/forum/#!msg/rack-devel/RnQxm6i13C4/xfakH81yWvgJ", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://groups.google.com/forum/#!msg/rack-devel/RnQxm6i13C4/xfakH81yWvgJ" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0263", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.1", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:H/Au:N/C:P/I:P/A:P" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0263" }, { "reference_url": "https://puppet.com/security/cve/cve-2013-0263", "reference_id": "", "reference_type": "", "scores": [], "url": "https://puppet.com/security/cve/cve-2013-0263" }, { "reference_url": "https://twitter.com/coda/statuses/299732877745197056", "reference_id": "", "reference_type": "", "scores": [], "url": "https://twitter.com/coda/statuses/299732877745197056" }, { "reference_url": "http://www.debian.org/security/2013/dsa-2783", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2013/dsa-2783" }, { "reference_url": "http://www.osvdb.org/89939", "reference_id": "", "reference_type": "", "scores": [], "url": "http://www.osvdb.org/89939" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700226", "reference_id": "700226", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700226" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.1.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.1.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.1.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.2.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.2.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.8:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.3.8:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.8:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.9:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.3.9:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.9:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.4:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.4.4:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.4:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.5.0:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.5.0:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.5.0:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.5.1:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:rack_project:rack:1.5.1:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.5.1:*:*:*:*:*:*:*" }, { "reference_url": "https://github.com/advisories/GHSA-xc85-32mf-xpv8", "reference_id": "GHSA-xc85-32mf-xpv8", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-xc85-32mf-xpv8" }, { "reference_url": "https://security.gentoo.org/glsa/201405-10", "reference_id": "GLSA-201405-10", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201405-10" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:0686", "reference_id": "RHSA-2013:0686", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:0686" } ], "fixed_packages": [], "aliases": [ "CVE-2013-0263", "GHSA-xc85-32mf-xpv8", "OSV-89939" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-y12d-fjpf-uubh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15472?format=api", "vulnerability_id": "VCID-z46p-c93u-auav", "summary": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\nCVE-2013-2033 Jenkins: Build Description XSS", "references": [ { "reference_url": "https://access.redhat.com/errata/RHEA-2013:1032", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHEA-2013:1032" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2033.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2033.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2033", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.3898", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39364", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39346", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39398", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39369", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39282", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.3908", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39061", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39209", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39382", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39406", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.3932", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39375", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39392", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00178", "scoring_system": "epss", "scoring_elements": "0.39403", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2033" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=958957", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=958957" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84004", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84004" }, { "reference_url": "https://issues.jenkins-ci.org/browse/SECURITY-67", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://issues.jenkins-ci.org/browse/SECURITY-67" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-05-02", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-05-02" }, { "reference_url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2013-2033", "reference_id": "CVE-2013-2033", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2013-2033" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2033", "reference_id": "CVE-2013-2033", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2033" }, { "reference_url": "https://github.com/advisories/GHSA-826f-32qm-vm3j", "reference_id": "GHSA-826f-32qm-vm3j", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-826f-32qm-vm3j" } ], "fixed_packages": [], "aliases": [ "CVE-2013-2033", "GHSA-826f-32qm-vm3j" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z46p-c93u-auav" } ], "fixing_vulnerabilities": [], "risk_score": "3.4", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rubygem-rack@1:1.3.0-4%3Farch=el6op" }