Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.jenkins-ci.plugins/token-macro@2.5
Typemaven
Namespaceorg.jenkins-ci.plugins
Nametoken-macro
Version2.5
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.6
Latest_non_vulnerable_version2.8
Affected_by_vulnerabilities
0
url VCID-qdk1-p4qg-p3ar
vulnerability_id VCID-qdk1-p4qg-p3ar
summary 
Improper Input Validation
An information exposure and denial of service vulnerability exists in Jenkins Token Macro Plugin which allows attackers with the ability to control token macro input (such as SCM changelogs) to define recursive input that results in unexpected macro evaluation.
references
0
reference_url https://access.redhat.com/errata/RHBA-2019:0326
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHBA-2019:0326
1
reference_url https://access.redhat.com/errata/RHBA-2019:0327
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHBA-2019:0327
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1003011.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-1003011.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-1003011
reference_id
reference_type
scores
0
value 0.00556
scoring_system epss
scoring_elements 0.68177
published_at 2026-04-18T12:55:00Z
1
value 0.00556
scoring_system epss
scoring_elements 0.68087
published_at 2026-04-02T12:55:00Z
2
value 0.00556
scoring_system epss
scoring_elements 0.68106
published_at 2026-04-04T12:55:00Z
3
value 0.00556
scoring_system epss
scoring_elements 0.68084
published_at 2026-04-07T12:55:00Z
4
value 0.00556
scoring_system epss
scoring_elements 0.68135
published_at 2026-04-08T12:55:00Z
5
value 0.00556
scoring_system epss
scoring_elements 0.6815
published_at 2026-04-09T12:55:00Z
6
value 0.00556
scoring_system epss
scoring_elements 0.68175
published_at 2026-04-11T12:55:00Z
7
value 0.00556
scoring_system epss
scoring_elements 0.68161
published_at 2026-04-12T12:55:00Z
8
value 0.00556
scoring_system epss
scoring_elements 0.68128
published_at 2026-04-13T12:55:00Z
9
value 0.00556
scoring_system epss
scoring_elements 0.68165
published_at 2026-04-16T12:55:00Z
10
value 0.00556
scoring_system epss
scoring_elements 0.68065
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-1003011
4
reference_url https://github.com/jenkinsci/token-macro-plugin/commit/70163600031ea8d43833e6eea928f8fa2e44f96a
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/token-macro-plugin/commit/70163600031ea8d43833e6eea928f8fa2e44f96a
5
reference_url https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1102
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jenkins.io/security/advisory/2019-01-28/#SECURITY-1102
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1670296
reference_id 1670296
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1670296
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:token_macro:*:*:*:*:*:jenkins:*:*
reference_id cpe:2.3:a:jenkins:token_macro:*:*:*:*:*:jenkins:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:token_macro:*:*:*:*:*:jenkins:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-1003011
reference_id CVE-2019-1003011
reference_type
scores
0
value 5.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:N/A:P
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
2
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-1003011
10
reference_url https://github.com/advisories/GHSA-23h9-m55m-c5jp
reference_id GHSA-23h9-m55m-c5jp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-23h9-m55m-c5jp
fixed_packages
0
url pkg:maven/org.jenkins-ci.plugins/token-macro@2.6
purl pkg:maven/org.jenkins-ci.plugins/token-macro@2.6
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.plugins/token-macro@2.6
aliases CVE-2019-1003011, GHSA-23h9-m55m-c5jp
risk_score 3.6
exploitability 0.5
weighted_severity 7.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qdk1-p4qg-p3ar
Fixing_vulnerabilities
Risk_score3.6
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.plugins/token-macro@2.5