VulnerableCode.io REST API

Lookup for vulnerable packages by Package URL.

GET /api/packages/303077?format=api

HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/packages/303077?format=api",
    "purl": "pkg:rpm/redhat/rubygem-openshift-origin-node@1.0.10-6?arch=el6op",
    "type": "rpm",
    "namespace": "redhat",
    "name": "rubygem-openshift-origin-node",
    "version": "1.0.10-6",
    "qualifiers": {
        "arch": "el6op"
    },
    "subpath": "",
    "is_vulnerable": true,
    "next_non_vulnerable_version": null,
    "latest_non_vulnerable_version": null,
    "affected_by_vulnerabilities": [
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58603?format=api",
            "vulnerability_id": "VCID-a72m-bn7d-wbdh",
            "summary": "Jenkins allows Cross-Site Scripting (XSS)\nCross-site scripting (XSS) vulnerability in Jenkins before 1.491, Jenkins LTS before 1.480.1, and Jenkins Enterprise 1.424.x before 1.424.6.13, 1.447.x before 1.447.4.1, and 1.466.x before 1.466.10.1 allows remote authenticated users with write access to inject arbitrary web script or HTML via unspecified vectors.",
            "references": [
                {
                    "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0220.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "http://rhn.redhat.com/errata/RHSA-2013-0220.html"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2013:0220",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://access.redhat.com/errata/RHSA-2013:0220"
                },
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6074.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6074.json"
                },
                {
                    "reference_url": "https://access.redhat.com/security/cve/CVE-2012-6074",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://access.redhat.com/security/cve/CVE-2012-6074"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-6074",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00105",
                            "scoring_system": "epss",
                            "scoring_elements": "0.28147",
                            "published_at": "2026-05-29T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-6074"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=890612",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=890612"
                },
                {
                    "reference_url": "https://github.com/jenkinsci/jenkins",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/jenkinsci/jenkins"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6074",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6074"
                },
                {
                    "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20"
                },
                {
                    "reference_url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-11-20.cb",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-11-20.cb"
                },
                {
                    "reference_url": "http://www.openwall.com/lists/oss-security/2012/12/28/1",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "http://www.openwall.com/lists/oss-security/2012/12/28/1"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-9hr6-5x6g-gg5g",
                    "reference_id": "GHSA-9hr6-5x6g-gg5g",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/advisories/GHSA-9hr6-5x6g-gg5g"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "CVE-2012-6074",
                "GHSA-9hr6-5x6g-gg5g"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a72m-bn7d-wbdh"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59075?format=api",
            "vulnerability_id": "VCID-c4yd-esmh-zfhp",
            "summary": "Jenkins allows attackers to obtain the master cryptographic key\nUnspecified vulnerability in Jenkins before 1.498, Jenkins LTS before 1.480.2, and Jenkins Enterprise 1.447.x before 1.447.6.1 and 1.466.x before 1.466.12.1, when a slave is attached and anonymous read access is enabled, allows remote attackers to obtain the master cryptographic key via unknown vectors.",
            "references": [
                {
                    "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0220.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "http://rhn.redhat.com/errata/RHSA-2013-0220.html"
                },
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0158.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0158.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0158",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00653",
                            "scoring_system": "epss",
                            "scoring_elements": "0.71241",
                            "published_at": "2026-05-29T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0158"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=892795",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=892795"
                },
                {
                    "reference_url": "https://github.com/jenkinsci/jenkins",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/jenkinsci/jenkins"
                },
                {
                    "reference_url": "https://github.com/jenkinsci/jenkins/commit/3dc13b957b14cec649036e8dd517f0f9cb21fb04",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/jenkinsci/jenkins/commit/3dc13b957b14cec649036e8dd517f0f9cb21fb04"
                },
                {
                    "reference_url": "https://github.com/jenkinsci/jenkins/commit/4895eaafca468b7f0f1a3166b2fca7414f0d5da5",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/jenkinsci/jenkins/commit/4895eaafca468b7f0f1a3166b2fca7414f0d5da5"
                },
                {
                    "reference_url": "https://github.com/jenkinsci/jenkins/commit/48ecccc1669f325acf72953923f9d9620b2590e3",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/jenkinsci/jenkins/commit/48ecccc1669f325acf72953923f9d9620b2590e3"
                },
                {
                    "reference_url": "https://github.com/jenkinsci/jenkins/commit/56e4b6e287046e4ad2a02f8bd70225a86e74bd34",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/jenkinsci/jenkins/commit/56e4b6e287046e4ad2a02f8bd70225a86e74bd34"
                },
                {
                    "reference_url": "https://github.com/jenkinsci/jenkins/commit/7983ae3baea779df18862623d594744b8d285392",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/jenkinsci/jenkins/commit/7983ae3baea779df18862623d594744b8d285392"
                },
                {
                    "reference_url": "https://github.com/jenkinsci/jenkins/commit/94a8789b699132dd706021a6be1b78bc47f19602",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/jenkinsci/jenkins/commit/94a8789b699132dd706021a6be1b78bc47f19602"
                },
                {
                    "reference_url": "https://github.com/jenkinsci/jenkins/commit/9fb6c2ca0c73b43cc2e6d08c09707ee67005e526",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/jenkinsci/jenkins/commit/9fb6c2ca0c73b43cc2e6d08c09707ee67005e526"
                },
                {
                    "reference_url": "https://github.com/jenkinsci/jenkins/commit/a411b0c3b32eb314d5a26b64de1b3d5db2760443",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/jenkinsci/jenkins/commit/a411b0c3b32eb314d5a26b64de1b3d5db2760443"
                },
                {
                    "reference_url": "https://github.com/jenkinsci/jenkins/commit/a9aff088f327278a8873aef47fa8f80d3c5932fd",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/jenkinsci/jenkins/commit/a9aff088f327278a8873aef47fa8f80d3c5932fd"
                },
                {
                    "reference_url": "https://github.com/jenkinsci/jenkins/commit/c3d8e05a1b3d58b6c4dcff97394cb3a79608b4b2",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/jenkinsci/jenkins/commit/c3d8e05a1b3d58b6c4dcff97394cb3a79608b4b2"
                },
                {
                    "reference_url": "https://github.com/jenkinsci/jenkins/commit/e401c7cfe7b28b6ff9d0893e89c2568596b96915",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/jenkinsci/jenkins/commit/e401c7cfe7b28b6ff9d0893e89c2568596b96915"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0158",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-0158"
                },
                {
                    "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-01-04",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-01-04"
                },
                {
                    "reference_url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-01-04.cb",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-01-04.cb"
                },
                {
                    "reference_url": "http://www.openwall.com/lists/oss-security/2013/01/07/4",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "http://www.openwall.com/lists/oss-security/2013/01/07/4"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-jwfr-h6jp-9p2g",
                    "reference_id": "GHSA-jwfr-h6jp-9p2g",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "LOW",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-jwfr-h6jp-9p2g"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "CVE-2013-0158",
                "GHSA-jwfr-h6jp-9p2g"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c4yd-esmh-zfhp"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70489?format=api",
            "vulnerability_id": "VCID-ptdf-qcpk-wyeh",
            "summary": "Origin: rhc-chk.rb password exposure in log files",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5658.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5658.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-5658",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00063",
                            "scoring_system": "epss",
                            "scoring_elements": "0.19847",
                            "published_at": "2026-05-29T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-5658"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=889062",
                    "reference_id": "889062",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=889062"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "CVE-2012-5658"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ptdf-qcpk-wyeh"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/56812?format=api",
            "vulnerability_id": "VCID-qkrj-t7dw-87a4",
            "summary": "Jenkins allows HTTP Injection and Response Splitting\nCRLF injection vulnerability in Jenkins before 1.491, Jenkins LTS before 1.480.1, and Jenkins Enterprise 1.424.x before 1.424.6.13, 1.447.x before 1.447.4.1, and 1.466.x before 1.466.10.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.",
            "references": [
                {
                    "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0220.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "http://rhn.redhat.com/errata/RHSA-2013-0220.html"
                },
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6072.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6072.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-6072",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00099",
                            "scoring_system": "epss",
                            "scoring_elements": "0.27286",
                            "published_at": "2026-05-29T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-6072"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=890607",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=890607"
                },
                {
                    "reference_url": "https://github.com/jenkinsci/jenkins",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/jenkinsci/jenkins"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6072",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6072"
                },
                {
                    "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20"
                },
                {
                    "reference_url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-11-20.cb",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "6.3",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "MODERATE",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-11-20.cb"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-2q8v-qx2x-hxjx",
                    "reference_id": "GHSA-2q8v-qx2x-hxjx",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/advisories/GHSA-2q8v-qx2x-hxjx"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "CVE-2012-6072",
                "GHSA-2q8v-qx2x-hxjx"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qkrj-t7dw-87a4"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/58070?format=api",
            "vulnerability_id": "VCID-sq1j-tepb-sqe7",
            "summary": "Jenkins affected by Open Redirect Vulnerability\nOpen redirect vulnerability in Jenkins before 1.491, Jenkins LTS before 1.480.1, and Jenkins Enterprise 1.424.x before 1.424.6.13, 1.447.x before 1.447.4.1, and 1.466.x before 1.466.10.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.",
            "references": [
                {
                    "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0220.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.1",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "http://rhn.redhat.com/errata/RHSA-2013-0220.html"
                },
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6073.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6073.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-6073",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00141",
                            "scoring_system": "epss",
                            "scoring_elements": "0.33913",
                            "published_at": "2026-05-29T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-6073"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=890608",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.1",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=890608"
                },
                {
                    "reference_url": "https://github.com/jenkinsci/jenkins",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.1",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/jenkinsci/jenkins"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6073",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.1",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6073"
                },
                {
                    "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.1",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2012-11-20"
                },
                {
                    "reference_url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-11-20.cb",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.1",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2012-11-20.cb"
                },
                {
                    "reference_url": "http://www.openwall.com/lists/oss-security/2012/12/28/1",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "2.1",
                            "scoring_system": "cvssv4",
                            "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N"
                        },
                        {
                            "value": "LOW",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "http://www.openwall.com/lists/oss-security/2012/12/28/1"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-mqgf-4rw4-2cq2",
                    "reference_id": "GHSA-mqgf-4rw4-2cq2",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://github.com/advisories/GHSA-mqgf-4rw4-2cq2"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "CVE-2012-6073",
                "GHSA-mqgf-4rw4-2cq2"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sq1j-tepb-sqe7"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/70286?format=api",
            "vulnerability_id": "VCID-ugjg-waup-ubcv",
            "summary": "openshift-origin-port-proxy: openshift-port-proxy-cfg lockwrap() tmp file creation",
            "references": [
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0164.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0164.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0164",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.00056",
                            "scoring_system": "epss",
                            "scoring_elements": "0.17886",
                            "published_at": "2026-05-29T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-0164"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=893307",
                    "reference_id": "893307",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=893307"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "CVE-2013-0164"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ugjg-waup-ubcv"
        },
        {
            "url": "http://public2.vulnerablecode.io/api/vulnerabilities/27060?format=api",
            "vulnerability_id": "VCID-xej7-nkc8-dkez",
            "summary": "Active Record contains SQL Injection\nSQL injection vulnerability in the Active Record component in Ruby on Rails before 2.3.15, 3.0.x before 3.0.18, 3.1.x before 3.1.9, and 3.2.x before 3.2.10 allows remote attackers to execute arbitrary SQL commands via a crafted request that leverages incorrect behavior of dynamic finders in applications that can use unexpected data types in certain find_by_ method calls.",
            "references": [
                {
                    "reference_url": "http://blog.phusion.nl/2013/01/03/rails-sql-injection-vulnerability-hold-your-horses-here-are-the-facts",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "http://blog.phusion.nl/2013/01/03/rails-sql-injection-vulnerability-hold-your-horses-here-are-the-facts"
                },
                {
                    "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0154.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "http://rhn.redhat.com/errata/RHSA-2013-0154.html"
                },
                {
                    "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0220.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "http://rhn.redhat.com/errata/RHSA-2013-0220.html"
                },
                {
                    "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-0544.html",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "http://rhn.redhat.com/errata/RHSA-2013-0544.html"
                },
                {
                    "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6496.json",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-6496.json"
                },
                {
                    "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-6496",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "0.01017",
                            "scoring_system": "epss",
                            "scoring_elements": "0.77474",
                            "published_at": "2026-05-29T12:55:00Z"
                        }
                    ],
                    "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-6496"
                },
                {
                    "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=889649",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://bugzilla.redhat.com/show_bug.cgi?id=889649"
                },
                {
                    "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6496",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6496"
                },
                {
                    "reference_url": "http://security.gentoo.org/glsa/glsa-201401-22.xml",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "http://security.gentoo.org/glsa/glsa-201401-22.xml"
                },
                {
                    "reference_url": "https://github.com/rails/rails",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/rails/rails"
                },
                {
                    "reference_url": "https://github.com/rails/rails/commit/9de9b359d0d24f70f0f6c5c58a7ad8750684d456",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/rails/rails/commit/9de9b359d0d24f70f0f6c5c58a7ad8750684d456"
                },
                {
                    "reference_url": "https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/DCNTNp_qjFM",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://groups.google.com/forum/?fromgroups=#!topic/rubyonrails-security/DCNTNp_qjFM"
                },
                {
                    "reference_url": "https://groups.google.com/group/rubyonrails-security/msg/23daa048baf28b64?dmode=source&output=gplain",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://groups.google.com/group/rubyonrails-security/msg/23daa048baf28b64?dmode=source&output=gplain"
                },
                {
                    "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6496",
                    "reference_id": "",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "generic_textual",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://nvd.nist.gov/vuln/detail/CVE-2012-6496"
                },
                {
                    "reference_url": "https://github.com/advisories/GHSA-gh2w-j7cx-2664",
                    "reference_id": "GHSA-gh2w-j7cx-2664",
                    "reference_type": "",
                    "scores": [
                        {
                            "value": "HIGH",
                            "scoring_system": "cvssv3.1_qr",
                            "scoring_elements": ""
                        }
                    ],
                    "url": "https://github.com/advisories/GHSA-gh2w-j7cx-2664"
                },
                {
                    "reference_url": "https://security.gentoo.org/glsa/201401-22",
                    "reference_id": "GLSA-201401-22",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://security.gentoo.org/glsa/201401-22"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2013:0154",
                    "reference_id": "RHSA-2013:0154",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2013:0154"
                },
                {
                    "reference_url": "https://access.redhat.com/errata/RHSA-2013:0155",
                    "reference_id": "RHSA-2013:0155",
                    "reference_type": "",
                    "scores": [],
                    "url": "https://access.redhat.com/errata/RHSA-2013:0155"
                }
            ],
            "fixed_packages": [],
            "aliases": [
                "CVE-2012-6496",
                "GHSA-gh2w-j7cx-2664",
                "OSV-88661"
            ],
            "risk_score": null,
            "exploitability": null,
            "weighted_severity": null,
            "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xej7-nkc8-dkez"
        }
    ],
    "fixing_vulnerabilities": [],
    "risk_score": null,
    "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rubygem-openshift-origin-node@1.0.10-6%3Farch=el6op"
}

Package Instance