Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.jenkins-ci.main/jenkins-core@2.121
Typemaven
Namespaceorg.jenkins-ci.main
Namejenkins-core
Version2.121
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.121.3
Latest_non_vulnerable_version2.555
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-8x6t-vhae-kkd8
vulnerability_id VCID-8x6t-vhae-kkd8
summary 
Information Exposure
An information exposure vulnerability exists in Jenkins that allows users with Overall/Read access to enumerate all installed plugins.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000192.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000192.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1000192
reference_id
reference_type
scores
0
value 0.00479
scoring_system epss
scoring_elements 0.65057
published_at 2026-04-21T12:55:00Z
1
value 0.00479
scoring_system epss
scoring_elements 0.64942
published_at 2026-04-01T12:55:00Z
2
value 0.00479
scoring_system epss
scoring_elements 0.64992
published_at 2026-04-02T12:55:00Z
3
value 0.00479
scoring_system epss
scoring_elements 0.65019
published_at 2026-04-04T12:55:00Z
4
value 0.00479
scoring_system epss
scoring_elements 0.64982
published_at 2026-04-07T12:55:00Z
5
value 0.00479
scoring_system epss
scoring_elements 0.65032
published_at 2026-04-08T12:55:00Z
6
value 0.00479
scoring_system epss
scoring_elements 0.65046
published_at 2026-04-09T12:55:00Z
7
value 0.00479
scoring_system epss
scoring_elements 0.65064
published_at 2026-04-11T12:55:00Z
8
value 0.00479
scoring_system epss
scoring_elements 0.65053
published_at 2026-04-12T12:55:00Z
9
value 0.00479
scoring_system epss
scoring_elements 0.65026
published_at 2026-04-13T12:55:00Z
10
value 0.00479
scoring_system epss
scoring_elements 0.65063
published_at 2026-04-16T12:55:00Z
11
value 0.00479
scoring_system epss
scoring_elements 0.65073
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1000192
2
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
3
reference_url https://github.com/jenkinsci/jenkins/commit/7c5b41bfd5d8004f82684a9168dd627e20ea5f35
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/7c5b41bfd5d8004f82684a9168dd627e20ea5f35
4
reference_url https://github.com/jenkinsci/jenkins/commit/809916b59b7c7678dc3c1c76338452121fed1424
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/809916b59b7c7678dc3c1c76338452121fed1424
5
reference_url https://jenkins.io/security/advisory/2018-05-09/#SECURITY-771
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jenkins.io/security/advisory/2018-05-09/#SECURITY-771
6
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1576706
reference_id 1576706
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1576706
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1000192
reference_id CVE-2018-1000192
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:N/A:N
1
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1000192
12
reference_url https://github.com/advisories/GHSA-2w4x-rxp7-grg7
reference_id GHSA-2w4x-rxp7-grg7
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2w4x-rxp7-grg7
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.107.3
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.107.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.107.3
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.121
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.121
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.121
aliases CVE-2018-1000192, GHSA-2w4x-rxp7-grg7
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8x6t-vhae-kkd8
1
url VCID-df66-65bh-3fhy
vulnerability_id VCID-df66-65bh-3fhy
summary 
Cross-Site Request Forgery (CSRF)
A server-side request forgery vulnerability exists in Jenkins that allows users with Overall/Read permission to have Jenkins submit an HTTP GET request to an arbitrary URL and learn whether the response is successful or not.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000195.json
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000195.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1000195
reference_id
reference_type
scores
0
value 0.00695
scoring_system epss
scoring_elements 0.71937
published_at 2026-04-21T12:55:00Z
1
value 0.00695
scoring_system epss
scoring_elements 0.71868
published_at 2026-04-01T12:55:00Z
2
value 0.00695
scoring_system epss
scoring_elements 0.71875
published_at 2026-04-02T12:55:00Z
3
value 0.00695
scoring_system epss
scoring_elements 0.71894
published_at 2026-04-04T12:55:00Z
4
value 0.00695
scoring_system epss
scoring_elements 0.71866
published_at 2026-04-07T12:55:00Z
5
value 0.00695
scoring_system epss
scoring_elements 0.71905
published_at 2026-04-13T12:55:00Z
6
value 0.00695
scoring_system epss
scoring_elements 0.71916
published_at 2026-04-09T12:55:00Z
7
value 0.00695
scoring_system epss
scoring_elements 0.7194
published_at 2026-04-11T12:55:00Z
8
value 0.00695
scoring_system epss
scoring_elements 0.71922
published_at 2026-04-12T12:55:00Z
9
value 0.00695
scoring_system epss
scoring_elements 0.71947
published_at 2026-04-16T12:55:00Z
10
value 0.00695
scoring_system epss
scoring_elements 0.71952
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1000195
2
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
3
reference_url https://github.com/jenkinsci/jenkins/commit/6eea1e97840b5623829b2c1fd2e363c045bdc230
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/6eea1e97840b5623829b2c1fd2e363c045bdc230
4
reference_url https://jenkins.io/security/advisory/2018-05-09/#SECURITY-794
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jenkins.io/security/advisory/2018-05-09/#SECURITY-794
5
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1576712
reference_id 1576712
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1576712
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1000195
reference_id CVE-2018-1000195
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:N/A:N
1
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1000195
11
reference_url https://github.com/advisories/GHSA-rgmj-mccj-h9mx
reference_id GHSA-rgmj-mccj-h9mx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rgmj-mccj-h9mx
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.107.3
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.107.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.107.3
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.121
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.121
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.121
aliases CVE-2018-1000195, GHSA-rgmj-mccj-h9mx
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-df66-65bh-3fhy
2
url VCID-h88g-ywc5-1ycw
vulnerability_id VCID-h88g-ywc5-1ycw
summary 
Injection Vulnerability
An improper neutralization of control sequences vulnerability exists in Jenkins in `HudsonPrivateSecurityRealm.java` that allows users to sign up using user names containing control characters that can then appear to have the same name as other users, and cannot be deleted via the UI.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000193.json
reference_id
reference_type
scores
0
value 3.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000193.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1000193
reference_id
reference_type
scores
0
value 0.00759
scoring_system epss
scoring_elements 0.73369
published_at 2026-04-18T12:55:00Z
1
value 0.00759
scoring_system epss
scoring_elements 0.73267
published_at 2026-04-01T12:55:00Z
2
value 0.00759
scoring_system epss
scoring_elements 0.73276
published_at 2026-04-02T12:55:00Z
3
value 0.00759
scoring_system epss
scoring_elements 0.733
published_at 2026-04-04T12:55:00Z
4
value 0.00759
scoring_system epss
scoring_elements 0.73272
published_at 2026-04-07T12:55:00Z
5
value 0.00759
scoring_system epss
scoring_elements 0.73308
published_at 2026-04-08T12:55:00Z
6
value 0.00759
scoring_system epss
scoring_elements 0.73321
published_at 2026-04-09T12:55:00Z
7
value 0.00759
scoring_system epss
scoring_elements 0.73345
published_at 2026-04-11T12:55:00Z
8
value 0.00759
scoring_system epss
scoring_elements 0.73326
published_at 2026-04-12T12:55:00Z
9
value 0.00759
scoring_system epss
scoring_elements 0.73318
published_at 2026-04-13T12:55:00Z
10
value 0.00759
scoring_system epss
scoring_elements 0.73362
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1000193
2
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
3
reference_url https://github.com/jenkinsci/jenkins/commit/de7aaab441151fb1760855fec83681c6a8756a45
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/de7aaab441151fb1760855fec83681c6a8756a45
4
reference_url https://jenkins.io/security/advisory/2018-05-09/#SECURITY-786
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jenkins.io/security/advisory/2018-05-09/#SECURITY-786
5
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1576708
reference_id 1576708
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1576708
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1000193
reference_id CVE-2018-1000193
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:N/I:P/A:N
1
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1000193
11
reference_url https://github.com/advisories/GHSA-7592-93rm-6gpx
reference_id GHSA-7592-93rm-6gpx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7592-93rm-6gpx
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.107.3
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.107.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.107.3
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.121
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.121
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.121
aliases CVE-2018-1000193, GHSA-7592-93rm-6gpx
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h88g-ywc5-1ycw
3
url VCID-pdf9-n6qs-ybcc
vulnerability_id VCID-pdf9-n6qs-ybcc
summary 
Path Traversal
A path traversal vulnerability exists in Jenkins in `FilePath.java`, `SoloFilePathFilter.java` that allows malicious agents to read and write arbitrary files on the Jenkins master, bypassing the agent-to-master security subsystem protection.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000194.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-1000194.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-1000194
reference_id
reference_type
scores
0
value 0.00469
scoring_system epss
scoring_elements 0.64573
published_at 2026-04-21T12:55:00Z
1
value 0.00469
scoring_system epss
scoring_elements 0.64588
published_at 2026-04-18T12:55:00Z
2
value 0.00469
scoring_system epss
scoring_elements 0.64576
published_at 2026-04-16T12:55:00Z
3
value 0.00469
scoring_system epss
scoring_elements 0.64542
published_at 2026-04-13T12:55:00Z
4
value 0.00469
scoring_system epss
scoring_elements 0.64571
published_at 2026-04-12T12:55:00Z
5
value 0.00469
scoring_system epss
scoring_elements 0.64583
published_at 2026-04-11T12:55:00Z
6
value 0.00469
scoring_system epss
scoring_elements 0.64567
published_at 2026-04-09T12:55:00Z
7
value 0.00469
scoring_system epss
scoring_elements 0.64551
published_at 2026-04-08T12:55:00Z
8
value 0.00469
scoring_system epss
scoring_elements 0.64545
published_at 2026-04-04T12:55:00Z
9
value 0.00469
scoring_system epss
scoring_elements 0.64503
published_at 2026-04-07T12:55:00Z
10
value 0.00469
scoring_system epss
scoring_elements 0.64515
published_at 2026-04-02T12:55:00Z
11
value 0.00469
scoring_system epss
scoring_elements 0.64461
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-1000194
2
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
3
reference_url https://github.com/jenkinsci/jenkins/commit/5cf0a77d44310523b763698f67d645c1f2427f30
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/5cf0a77d44310523b763698f67d645c1f2427f30
4
reference_url https://jenkins.io/security/advisory/2018-05-09/#SECURITY-788
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://jenkins.io/security/advisory/2018-05-09/#SECURITY-788
5
reference_url https://www.oracle.com/security-alerts/cpuapr2022.html
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuapr2022.html
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1576711
reference_id 1576711
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1576711
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:communications_cloud_native_core_automated_test_suite:1.9.0:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-1000194
reference_id CVE-2018-1000194
reference_type
scores
0
value 5.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:N
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
2
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-1000194
11
reference_url https://github.com/advisories/GHSA-x646-m7x2-gcp7
reference_id GHSA-x646-m7x2-gcp7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x646-m7x2-gcp7
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.107.3
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.107.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.107.3
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.121
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.121
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.121
aliases CVE-2018-1000194, GHSA-x646-m7x2-gcp7
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pdf9-n6qs-ybcc
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.121