Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/357185?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/357185?format=api", "purl": "pkg:rpm/redhat/nodejs-ini@1.1.0-6?arch=el7aos", "type": "rpm", "namespace": "redhat", "name": "nodejs-ini", "version": "1.1.0-6", "qualifiers": { "arch": "el7aos" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/277811?format=api", "vulnerability_id": "VCID-1xaj-2nah-mbff", "summary": "", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1844.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1844.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1814.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1814.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1814", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47285", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47426", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47442", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00239", "scoring_system": "epss", "scoring_elements": "0.47423", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1814" }, { "reference_url": "https://github.com/jenkinsci/jenkins", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/57e78880cc035874bda916ef4d8d7fd7642af9db", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/57e78880cc035874bda916ef4d8d7fd7642af9db" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1814", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1814" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205616", "reference_id": "1205616", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205616" }, { "reference_url": "https://github.com/advisories/GHSA-3269-jqp5-v8c9", "reference_id": "GHSA-3269-jqp5-v8c9", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3269-jqp5-v8c9" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1844", "reference_id": "RHSA-2015:1844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" } ], "fixed_packages": [], "aliases": [ "CVE-2015-1814", "GHSA-3269-jqp5-v8c9" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1xaj-2nah-mbff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/217626?format=api", "vulnerability_id": "VCID-2yqn-6cyk-47cc", "summary": "Openshift allows remote attackers to gain privileges by updating a build configuration that was created with an allowed type to a type that is not allowed.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1906.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1906.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2016-1906", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2016-1906" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1906", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02541", "scoring_system": "epss", "scoring_elements": "0.85838", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.02541", "scoring_system": "epss", "scoring_elements": "0.85836", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.02541", "scoring_system": "epss", "scoring_elements": "0.85846", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.02541", "scoring_system": "epss", "scoring_elements": "0.85787", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1906" }, { "reference_url": "https://github.com/openshift/origin/commit/d95ec085f03ecf10e8c424a4f0340ddb38891406", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openshift/origin/commit/d95ec085f03ecf10e8c424a4f0340ddb38891406" }, { "reference_url": "https://github.com/openshift/origin/issues/6556", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openshift/origin/issues/6556" }, { "reference_url": "https://github.com/openshift/origin/pull/6576", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/openshift/origin/pull/6576" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1906", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1906" }, { "reference_url": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1906", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1906" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1297916", "reference_id": "1297916", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1297916" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0351", "reference_id": "RHSA-2016:0351", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0351" } ], "fixed_packages": [], "aliases": [ "CVE-2016-1906", "GHSA-m3fm-h5jp-q79p" ], "risk_score": 4.5, "exploitability": "0.5", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2yqn-6cyk-47cc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/272497?format=api", "vulnerability_id": "VCID-4a71-7s33-e3f2", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2014:1630", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHBA-2014:1630" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3664.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3664.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2014-3664", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2014-3664" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3664", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.4113", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.41297", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.41316", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.41306", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3664" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96973", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96973" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3664", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3664" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147765", "reference_id": "1147765", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147765" }, { "reference_url": "https://github.com/advisories/GHSA-3gp5-92h5-h855", "reference_id": "GHSA-3gp5-92h5-h855", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3gp5-92h5-h855" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3664", "GHSA-3gp5-92h5-h855" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4a71-7s33-e3f2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/217625?format=api", "vulnerability_id": "VCID-52ns-u535-qqhk", "summary": "The API server in Kubernetes does not properly check admission control, which allows remote authenticated users to access additional resources via a crafted patched object.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1905.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-1905.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2016-1905", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2016-1905" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1905", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.469", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46904", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46919", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00236", "scoring_system": "epss", "scoring_elements": "0.46762", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-1905" }, { "reference_url": "https://github.com/kubernetes/kubernetes/commit/9e6912384a5bc714f2a780b870944a8cee264a22", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/commit/9e6912384a5bc714f2a780b870944a8cee264a22" }, { "reference_url": "https://github.com/kubernetes/kubernetes/issues/19479", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/kubernetes/kubernetes/issues/19479" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1905", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1905" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1297910", "reference_id": "1297910", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1297910" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0351", "reference_id": "RHSA-2016:0351", "reference_type": "", "scores": [ { "value": "7.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0351" } ], "fixed_packages": [], "aliases": [ "CVE-2016-1905", "GHSA-xx8c-m748-xr4j" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-52ns-u535-qqhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/209956?format=api", "vulnerability_id": "VCID-5da5-re24-aba2", "summary": "Jenkins Vulnerable to Cross-Site Request Forgery (CSRF) Attack", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7538.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7538.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7538", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46671", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46661", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46657", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00234", "scoring_system": "epss", "scoring_elements": "0.46516", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7538" }, { "reference_url": "https://github.com/jenkinsci/jenkins", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/ba747888108d0db90d469c6d210b1df465d8fac1", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/ba747888108d0db90d469c6d210b1df465d8fac1" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/ef2c0dc163695af3a57ad7a45571293377ff679b", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/ef2c0dc163695af3a57ad7a45571293377ff679b" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1291797", "reference_id": "1291797", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1291797" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7538", "reference_id": "CVE-2015-7538", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7538" }, { "reference_url": "https://github.com/advisories/GHSA-w7qm-fprw-cqgq", "reference_id": "GHSA-w7qm-fprw-cqgq", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w7qm-fprw-cqgq" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0489", "reference_id": "RHSA-2016:0489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0489" } ], "fixed_packages": [], "aliases": [ "CVE-2015-7538", "GHSA-w7qm-fprw-cqgq" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5da5-re24-aba2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/209955?format=api", "vulnerability_id": "VCID-5kr7-442g-zbea", "summary": "Jenkins allows Unauthorized Viewing of Queue API Information", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5324.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5324.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5324", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37327", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.3715", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37338", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37352", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5324" }, { "reference_url": "https://github.com/jenkinsci/jenkins", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/33b55588a6a5f844a59f2cd8940d385c6d412eb5", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/33b55588a6a5f844a59f2cd8940d385c6d412eb5" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/4a72e938d58598cd4bd3caa48ee9e8a3f60c30e4", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/4a72e938d58598cd4bd3caa48ee9e8a3f60c30e4" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/581eb9ceb354b8a55c010d0547ff73cb6fd67a75", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/581eb9ceb354b8a55c010d0547ff73cb6fd67a75" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282367", "reference_id": "1282367", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282367" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5324", "reference_id": "CVE-2015-5324", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5324" }, { "reference_url": "https://github.com/advisories/GHSA-5xmf-9vgr-53mj", "reference_id": "GHSA-5xmf-9vgr-53mj", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5xmf-9vgr-53mj" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0489", "reference_id": "RHSA-2016:0489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0489" } ], "fixed_packages": [], "aliases": [ "CVE-2015-5324", "GHSA-5xmf-9vgr-53mj" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5kr7-442g-zbea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/209957?format=api", "vulnerability_id": "VCID-75kf-d47j-sffz", "summary": "Jenkins allows Administrators to Access API Tokens", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5323.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5323.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5323", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37521", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37334", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37511", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37535", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5323" }, { "reference_url": "https://github.com/jenkinsci/jenkins", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/b3f16489ad5f15c3e749ed066cf6b4251f6668c6", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/b3f16489ad5f15c3e749ed066cf6b4251f6668c6" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282366", "reference_id": "1282366", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282366" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5323", "reference_id": "CVE-2015-5323", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5323" }, { "reference_url": "https://github.com/advisories/GHSA-x4m5-j4x4-4wjg", "reference_id": "GHSA-x4m5-j4x4-4wjg", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x4m5-j4x4-4wjg" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0489", "reference_id": "RHSA-2016:0489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0489" } ], "fixed_packages": [], "aliases": [ "CVE-2015-5323", "GHSA-x4m5-j4x4-4wjg" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-75kf-d47j-sffz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/277803?format=api", "vulnerability_id": "VCID-7y56-req9-5fg8", "summary": "", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1844.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1844.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1806.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1806.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1806", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00639", "scoring_system": "epss", "scoring_elements": "0.71026", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00639", "scoring_system": "epss", "scoring_elements": "0.71115", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00639", "scoring_system": "epss", "scoring_elements": "0.71128", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00639", "scoring_system": "epss", "scoring_elements": "0.71126", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1806" }, { "reference_url": "https://github.com/jenkinsci/jenkins", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1806", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1806" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205620", "reference_id": "1205620", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205620" }, { "reference_url": "https://github.com/advisories/GHSA-mm9c-4cv4-7rfv", "reference_id": "GHSA-mm9c-4cv4-7rfv", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-mm9c-4cv4-7rfv" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1844", "reference_id": "RHSA-2015:1844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" } ], "fixed_packages": [], "aliases": [ "CVE-2015-1806", "GHSA-mm9c-4cv4-7rfv" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7y56-req9-5fg8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/209951?format=api", "vulnerability_id": "VCID-9p6x-6dg8-xuev", "summary": "Jenkins has Local File Inclusion Vulnerability", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5322.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5322.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5322", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37493", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37479", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37469", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00165", "scoring_system": "epss", "scoring_elements": "0.37292", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5322" }, { "reference_url": "https://github.com/jenkinsci/jenkins", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/5431e397216b4ab80e58bdabcb06a0066bce6592", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/5431e397216b4ab80e58bdabcb06a0066bce6592" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282365", "reference_id": "1282365", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282365" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5322", "reference_id": "CVE-2015-5322", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5322" }, { "reference_url": "https://github.com/advisories/GHSA-89vc-7frq-2rfj", "reference_id": "GHSA-89vc-7frq-2rfj", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-89vc-7frq-2rfj" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0489", "reference_id": "RHSA-2016:0489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0489" } ], "fixed_packages": [], "aliases": [ "CVE-2015-5322", "GHSA-89vc-7frq-2rfj" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9p6x-6dg8-xuev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/272506?format=api", "vulnerability_id": "VCID-9pc9-x87m-rfhe", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3680.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3680.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2014-3680", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2014-3680" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3680", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22751", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22947", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22958", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22937", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3680" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3680", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3680" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1148645", "reference_id": "1148645", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1148645" }, { "reference_url": "https://github.com/advisories/GHSA-8x8p-mfwv-9fjw", "reference_id": "GHSA-8x8p-mfwv-9fjw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8x8p-mfwv-9fjw" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3680", "GHSA-8x8p-mfwv-9fjw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9pc9-x87m-rfhe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/272494?format=api", "vulnerability_id": "VCID-9vdz-91eq-4kaq", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2014:1630", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHBA-2014:1630" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3661.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3661.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2014-3661", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2014-3661" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3661", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36487", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36474", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36499", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36293", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3661" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3661", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3661" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147758", "reference_id": "1147758", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147758" }, { "reference_url": "https://github.com/advisories/GHSA-r5m2-g5gc-q43r", "reference_id": "GHSA-r5m2-g5gc-q43r", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r5m2-g5gc-q43r" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3661", "GHSA-r5m2-g5gc-q43r" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9vdz-91eq-4kaq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30621?format=api", "vulnerability_id": "VCID-a8t2-cdt8-huda", "summary": "", "references": [ { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00008.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-11/msg00008.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00033.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00033.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00050.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://lists.opensuse.org/opensuse-updates/2013-10/msg00050.html" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2013-1448.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2013-1448.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2186.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2186.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2186", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.87099", "scoring_system": "epss", "scoring_elements": "0.99466", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.87099", "scoring_system": "epss", "scoring_elements": "0.99465", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.87099", "scoring_system": "epss", "scoring_elements": "0.99463", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-2186" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2186", "reference_id": "", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2186" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2186", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2186" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88133", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/88133" }, { "reference_url": "https://github.com/apache/commons-fileupload", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/commons-fileupload" }, { "reference_url": "https://github.com/apache/commons-fileupload/blob/master/RELEASE-NOTES.txt", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/commons-fileupload/blob/master/RELEASE-NOTES.txt" }, { "reference_url": "https://github.com/apache/commons-fileupload/commit/163a6061fbc077d4b6e4787d26857c2baba495d1", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/apache/commons-fileupload/commit/163a6061fbc077d4b6e4787d26857c2baba495d1" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2186", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-2186" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01" }, { "reference_url": "https://www.tenable.com/security/research/tra-2016-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.tenable.com/security/research/tra-2016-23" }, { "reference_url": "http://ubuntu.com/usn/usn-2029-1", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://ubuntu.com/usn/usn-2029-1" }, { "reference_url": "http://www.debian.org/security/2013/dsa-2827", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.debian.org/security/2013/dsa-2827" }, { "reference_url": "http://www.securityfocus.com/bid/63174", "reference_id": "", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.securityfocus.com/bid/63174" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726601", "reference_id": "726601", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=726601" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=974814", "reference_id": "974814", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=974814" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2013-2186", "reference_id": "CVE-2013-2186", "reference_type": "", "scores": [], "url": "https://access.redhat.com/security/cve/CVE-2013-2186" }, { "reference_url": "https://github.com/advisories/GHSA-qx6h-9567-5fqw", "reference_id": "GHSA-qx6h-9567-5fqw", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-qx6h-9567-5fqw" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1428", "reference_id": "RHSA-2013:1428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1429", "reference_id": "RHSA-2013:1429", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1429" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1430", "reference_id": "RHSA-2013:1430", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1430" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1442", "reference_id": "RHSA-2013:1442", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1442" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2013:1448", "reference_id": "RHSA-2013:1448", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2013:1448" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" }, { "reference_url": "https://usn.ubuntu.com/2029-1/", "reference_id": "USN-2029-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2029-1/" } ], "fixed_packages": [], "aliases": [ "CVE-2013-2186", "GHSA-qx6h-9567-5fqw" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a8t2-cdt8-huda" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/277804?format=api", "vulnerability_id": "VCID-af57-jpq3-xyg1", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1807.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1807.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1807", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.31806", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.31992", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.32008", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00128", "scoring_system": "epss", "scoring_elements": "0.31987", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1807" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205622", "reference_id": "1205622", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1844", "reference_id": "RHSA-2015:1844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0070" } ], "fixed_packages": [], "aliases": [ "CVE-2015-1807" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-af57-jpq3-xyg1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/209958?format=api", "vulnerability_id": "VCID-bgkr-svfh-dkfe", "summary": "Jenkins Vulnerable to Cross-Site Request Forgery (CSRF) Attack", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5318.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5318.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5318", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22993", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.2281", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.23006", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.23016", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5318" }, { "reference_url": "https://github.com/jenkinsci/jenkins", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/f53802bb82a25b295b6dfa3bf2a591a6c8552183", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/f53802bb82a25b295b6dfa3bf2a591a6c8552183" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282361", "reference_id": "1282361", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282361" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5318", "reference_id": "CVE-2015-5318", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5318" }, { "reference_url": "https://github.com/advisories/GHSA-3wmv-7php-rhg5", "reference_id": "GHSA-3wmv-7php-rhg5", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3wmv-7php-rhg5" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0489", "reference_id": "RHSA-2016:0489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0489" } ], "fixed_packages": [], "aliases": [ "CVE-2015-5318", "GHSA-3wmv-7php-rhg5" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bgkr-svfh-dkfe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/272500?format=api", "vulnerability_id": "VCID-bnpm-8mm9-t3a8", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2014:1630", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHBA-2014:1630" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3667.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3667.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2014-3667", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2014-3667" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3667", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17838", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17847", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17863", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17688", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3667" }, { "reference_url": "https://github.com/jenkinsci/jenkins", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/f0a29b562e14d837912c6b35fa4e81478563813a", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/f0a29b562e14d837912c6b35fa4e81478563813a" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3667", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3667" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147770", "reference_id": "1147770", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147770" }, { "reference_url": "https://github.com/advisories/GHSA-5xm3-48v5-6h7v", "reference_id": "GHSA-5xm3-48v5-6h7v", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5xm3-48v5-6h7v" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3667", "GHSA-5xm3-48v5-6h7v" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bnpm-8mm9-t3a8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/209953?format=api", "vulnerability_id": "VCID-bsmf-3kd3-bffp", "summary": "Jenkins allows Bypass of Access Restrictions", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5325.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5325.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5325", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24977", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24778", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24976", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24993", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5325" }, { "reference_url": "https://github.com/jenkinsci/jenkins", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/054a329c59171ca12ff98f7063ce7fd053ee08bf", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/054a329c59171ca12ff98f7063ce7fd053ee08bf" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282368", "reference_id": "1282368", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282368" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5325", "reference_id": "CVE-2015-5325", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5325" }, { "reference_url": "https://github.com/advisories/GHSA-x2q2-8pwq-fr5r", "reference_id": "GHSA-x2q2-8pwq-fr5r", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x2q2-8pwq-fr5r" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0489", "reference_id": "RHSA-2016:0489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0489" } ], "fixed_packages": [], "aliases": [ "CVE-2015-5325", "GHSA-x2q2-8pwq-fr5r" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bsmf-3kd3-bffp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/272507?format=api", "vulnerability_id": "VCID-bus4-86jr-a3ax", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2014:1630", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHBA-2014:1630" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3681.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3681.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2014-3681", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2014-3681" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3681", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48463", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48601", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.4862", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48606", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3681" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96975", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96975" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3681", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3681" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147766", "reference_id": "1147766", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147766" }, { "reference_url": "https://github.com/advisories/GHSA-cwh9-f8m6-6r63", "reference_id": "GHSA-cwh9-f8m6-6r63", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cwh9-f8m6-6r63" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3681", "GHSA-cwh9-f8m6-6r63" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bus4-86jr-a3ax" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/209949?format=api", "vulnerability_id": "VCID-dxkj-1bak-77bp", "summary": "Jenkins has Information Disclosure via Sidepanel Widget", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5321.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5321.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5321", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.30811", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.3061", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.30808", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.30826", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5321" }, { "reference_url": "https://github.com/jenkinsci/jenkins", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/251bdb00ab3cf4435416f0a55fa3bccf7f58896a", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/251bdb00ab3cf4435416f0a55fa3bccf7f58896a" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/9e439d462c28fe1c96799c89709dc5d0cb8ab8fa", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/9e439d462c28fe1c96799c89709dc5d0cb8ab8fa" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282364", "reference_id": "1282364", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282364" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5321", "reference_id": "CVE-2015-5321", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5321" }, { "reference_url": "https://github.com/advisories/GHSA-4653-rmch-3g2g", "reference_id": "GHSA-4653-rmch-3g2g", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-4653-rmch-3g2g" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0489", "reference_id": "RHSA-2016:0489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0489" } ], "fixed_packages": [], "aliases": [ "CVE-2015-5321", "GHSA-4653-rmch-3g2g" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dxkj-1bak-77bp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/209960?format=api", "vulnerability_id": "VCID-ecxd-nr6p-bqca", "summary": "Jenkins Vulnerable to Cross-Site Request Forgery (CSRF) Attack", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7537.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7537.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7537", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.6111", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.60997", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.61103", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00397", "scoring_system": "epss", "scoring_elements": "0.61112", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7537" }, { "reference_url": "https://github.com/jenkinsci/jenkins", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/40a28999e221a209212c30586be9c39049510bd1", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/40a28999e221a209212c30586be9c39049510bd1" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1291795", "reference_id": "1291795", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1291795" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7537", "reference_id": "CVE-2015-7537", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7537" }, { "reference_url": "https://github.com/advisories/GHSA-3vhr-f5xr-8vpx", "reference_id": "GHSA-3vhr-f5xr-8vpx", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3vhr-f5xr-8vpx" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0489", "reference_id": "RHSA-2016:0489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0489" } ], "fixed_packages": [], "aliases": [ "CVE-2015-7537", "GHSA-3vhr-f5xr-8vpx" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ecxd-nr6p-bqca" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/209952?format=api", "vulnerability_id": "VCID-eq5v-nn9f-qfhx", "summary": "Jenkins has XML External Entity (XXE) Vulnerability in Job Configuration via CLI", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5319.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5319.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5319", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40015", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.39845", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40027", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00183", "scoring_system": "epss", "scoring_elements": "0.40037", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5319" }, { "reference_url": "https://github.com/jenkinsci/jenkins", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/e78e9e8144f7304cf274cd4b756f458cf63a3556", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/e78e9e8144f7304cf274cd4b756f458cf63a3556" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282362", "reference_id": "1282362", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282362" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5319", "reference_id": "CVE-2015-5319", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5319" }, { "reference_url": "https://github.com/advisories/GHSA-3j9c-cp7m-8w8g", "reference_id": "GHSA-3j9c-cp7m-8w8g", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3j9c-cp7m-8w8g" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0489", "reference_id": "RHSA-2016:0489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0489" } ], "fixed_packages": [], "aliases": [ "CVE-2015-5319", "GHSA-3j9c-cp7m-8w8g" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eq5v-nn9f-qfhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/277809?format=api", "vulnerability_id": "VCID-ha4v-xcyx-q3ce", "summary": "", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1844.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1844.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1812.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1812.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1812", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44109", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44263", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44281", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.4427", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1812" }, { "reference_url": "https://github.com/jenkinsci/jenkins", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/f58ba6e72f978e2f73299e38a1b54ff70fc73fd8", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/f58ba6e72f978e2f73299e38a1b54ff70fc73fd8" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/f880d8d2cd9d46987ee3630fa04f77b17784f4e8", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/f880d8d2cd9d46987ee3630fa04f77b17784f4e8" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/feb2703adb0c121705e5c8e9ddf8f663b6481cbd", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/feb2703adb0c121705e5c8e9ddf8f663b6481cbd" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1812", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1812" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205615", "reference_id": "1205615", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205615" }, { "reference_url": "https://github.com/advisories/GHSA-w5v7-q2j4-fvpf", "reference_id": "GHSA-w5v7-q2j4-fvpf", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-w5v7-q2j4-fvpf" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1844", "reference_id": "RHSA-2015:1844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" } ], "fixed_packages": [], "aliases": [ "CVE-2015-1812", "GHSA-w5v7-q2j4-fvpf" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ha4v-xcyx-q3ce" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/209959?format=api", "vulnerability_id": "VCID-jmpj-z37s-97dj", "summary": "Jenkins does not Verify Checksums for Plugin Files", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7539.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7539.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7539", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.74026", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.74025", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.74011", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00768", "scoring_system": "epss", "scoring_elements": "0.73937", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-7539" }, { "reference_url": "https://github.com/jenkinsci/jenkins", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/11479a2cc0a322a6bcd7e65667f3d24aa4d444bb", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/11479a2cc0a322a6bcd7e65667f3d24aa4d444bb" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/97adb71aa4509f91e408a16ba312e817ec015cf4", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/97adb71aa4509f91e408a16ba312e817ec015cf4" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/9ec88357a354d8354728cc06e2b8c8b68aee58bf", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/9ec88357a354d8354728cc06e2b8c8b68aee58bf" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/c158648afa8888bc49ac337c973d4e4bc050118e", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/c158648afa8888bc49ac337c973d4e4bc050118e" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/f99cb46e06f394637067730a82f46bddc3567295", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/f99cb46e06f394637067730a82f46bddc3567295" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1291798", "reference_id": "1291798", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1291798" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7539", "reference_id": "CVE-2015-7539", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7539" }, { "reference_url": "https://github.com/advisories/GHSA-x274-9m9r-fm5g", "reference_id": "GHSA-x274-9m9r-fm5g", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-x274-9m9r-fm5g" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0489", "reference_id": "RHSA-2016:0489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0489" } ], "fixed_packages": [], "aliases": [ "CVE-2015-7539", "GHSA-x274-9m9r-fm5g" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jmpj-z37s-97dj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/30693?format=api", "vulnerability_id": "VCID-njhk-91wg-7uae", "summary": "", "references": [ { "reference_url": "http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/#jenkins", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/#jenkins" }, { "reference_url": "http://packetstormsecurity.com/files/134805/Jenkins-CLI-RMI-Java-Deserialization.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://packetstormsecurity.com/files/134805/Jenkins-CLI-RMI-Java-Deserialization.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8103.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8103.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8103", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.86333", "scoring_system": "epss", "scoring_elements": "0.99426", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.86333", "scoring_system": "epss", "scoring_elements": "0.99427", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.86333", "scoring_system": "epss", "scoring_elements": "0.99424", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8103" }, { "reference_url": "https://github.com/jenkinsci/jenkins", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/5bd9b55a2a3249939fd78c501b8959a804c1164b", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/5bd9b55a2a3249939fd78c501b8959a804c1164b" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/b4193d1132089286ebeaf9d8872c839ad473329c", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/b4193d1132089286ebeaf9d8872c839ad473329c" }, { "reference_url": "https://jenkins-ci.org/content/mitigating-unauthenticated-remote-code-execution-0-day-jenkins-cli", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://jenkins-ci.org/content/mitigating-unauthenticated-remote-code-execution-0-day-jenkins-cli" }, { "reference_url": "https://web.archive.org/web/20151225025917/http://www.securityfocus.com/bid/77636", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://web.archive.org/web/20151225025917/http://www.securityfocus.com/bid/77636" }, { "reference_url": "https://www.exploit-db.com/exploits/38983", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.exploit-db.com/exploits/38983" }, { "reference_url": "https://www.exploit-db.com/exploits/38983/", "reference_id": "", "reference_type": "", "scores": [], "url": "https://www.exploit-db.com/exploits/38983/" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/09/5", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2015/11/09/5" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/18/11", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2015/11/18/11" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/18/13", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2015/11/18/13" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/18/2", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://www.openwall.com/lists/oss-security/2015/11/18/2" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282371", "reference_id": "1282371", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282371" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8103", "reference_id": "CVE-2015-8103", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-8103" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/remote/38983.rb", "reference_id": "CVE-2015-8103;OSVDB-130184", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/remote/38983.rb" }, { "reference_url": "https://github.com/advisories/GHSA-wfw7-6632-xcv2", "reference_id": "GHSA-wfw7-6632-xcv2", "reference_type": "", "scores": [ { "value": "CRITICAL", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-wfw7-6632-xcv2" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "CRITICAL", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0489", "reference_id": "RHSA-2016:0489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0489" } ], "fixed_packages": [], "aliases": [ "CVE-2015-8103", "GHSA-wfw7-6632-xcv2" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "9.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-njhk-91wg-7uae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/272499?format=api", "vulnerability_id": "VCID-q3h6-bk62-tkhz", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3666.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3666.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3666", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01213", "scoring_system": "epss", "scoring_elements": "0.79403", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.01213", "scoring_system": "epss", "scoring_elements": "0.7947", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.01213", "scoring_system": "epss", "scoring_elements": "0.79485", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.01213", "scoring_system": "epss", "scoring_elements": "0.79481", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3666" }, { "reference_url": "https://github.com/jenkinsci/jenkins", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/be195b0e19343bff6d966029d8eea99b2c039c32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/be195b0e19343bff6d966029d8eea99b2c039c32" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3666", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3666" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147769", "reference_id": "1147769", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147769" }, { "reference_url": "https://github.com/advisories/GHSA-fvfh-8mj3-23xj", "reference_id": "GHSA-fvfh-8mj3-23xj", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fvfh-8mj3-23xj" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3666", "GHSA-fvfh-8mj3-23xj" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q3h6-bk62-tkhz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/203303?format=api", "vulnerability_id": "VCID-q7m3-7sb3-gkaf", "summary": "Multiple cross-site scripting (XSS) vulnerabilities in ZeroClipboard.swf in ZeroClipboard before 1.3.2, as maintained by Jon Rohan and James M. Greene, allow remote attackers to inject arbitrary web script or HTML via vectors related to certain SWF query parameters (aka loaderInfo.parameters).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1869.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-1869.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1869", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00599", "scoring_system": "epss", "scoring_elements": "0.69918", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00599", "scoring_system": "epss", "scoring_elements": "0.70009", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00599", "scoring_system": "epss", "scoring_elements": "0.70023", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00599", "scoring_system": "epss", "scoring_elements": "0.70021", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1869" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1869", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1869" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1063099", "reference_id": "1063099", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1063099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0070" } ], "fixed_packages": [], "aliases": [ "CVE-2014-1869" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q7m3-7sb3-gkaf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/272495?format=api", "vulnerability_id": "VCID-r82z-zw4w-9bgp", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2014:1630", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHBA-2014:1630" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3662.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3662.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2014-3662", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2014-3662" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3662", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28607", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28591", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28616", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28395", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3662" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3662", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3662" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147759", "reference_id": "1147759", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147759" }, { "reference_url": "https://github.com/advisories/GHSA-fxqr-px2m-fvc2", "reference_id": "GHSA-fxqr-px2m-fvc2", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fxqr-px2m-fvc2" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3662", "GHSA-fxqr-px2m-fvc2" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r82z-zw4w-9bgp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/277807?format=api", "vulnerability_id": "VCID-rexd-p2j3-8kba", "summary": "", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1844.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1844.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1810.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1810.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1810", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.63202", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.63304", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.63315", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00433", "scoring_system": "epss", "scoring_elements": "0.63312", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1810" }, { "reference_url": "https://github.com/jenkinsci/jenkins", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1810", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1810" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205627", "reference_id": "1205627", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205627" }, { "reference_url": "https://github.com/advisories/GHSA-37wm-28rm-56vw", "reference_id": "GHSA-37wm-28rm-56vw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-37wm-28rm-56vw" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1844", "reference_id": "RHSA-2015:1844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" } ], "fixed_packages": [], "aliases": [ "CVE-2015-1810", "GHSA-37wm-28rm-56vw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rexd-p2j3-8kba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/158781?format=api", "vulnerability_id": "VCID-tpm3-6r5r-jfaq", "summary": "The Fingerprints pages in Jenkins before 1.638 and LTS before 1.625.2 might allow remote attackers to obtain sensitive job and build name information via a direct request.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5317.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5317.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5317", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.39696", "scoring_system": "epss", "scoring_elements": "0.97418", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.39696", "scoring_system": "epss", "scoring_elements": "0.97406", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.39696", "scoring_system": "epss", "scoring_elements": "0.97415", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.39696", "scoring_system": "epss", "scoring_elements": "0.97417", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5317" }, { "reference_url": "https://github.com/jenkinsci/jenkins", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/0594c4cbccd24d4883fc0150e8fc511c9da63eb4", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/0594c4cbccd24d4883fc0150e8fc511c9da63eb4" }, { "reference_url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-5317", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-5317" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282359", "reference_id": "1282359", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282359" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5317", "reference_id": "CVE-2015-5317", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5317" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11", "reference_id": "CVE-2015-8103;OSVDB-130184", "reference_type": "exploit", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:39:09Z/" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11" }, { "reference_url": "https://github.com/advisories/GHSA-8pqx-3rxx-f5pm", "reference_id": "GHSA-8pqx-3rxx-f5pm", "reference_type": "", "scores": [ { "value": "HIGH", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8pqx-3rxx-f5pm" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:39:09Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0489", "reference_id": "RHSA-2016:0489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0489" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0489.html", "reference_id": "RHSA-2016-0489.html", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H" }, { "value": "HIGH", "scoring_system": "generic_textual", "scoring_elements": "" }, { "value": "Attend", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:39:09Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0489.html" } ], "fixed_packages": [], "aliases": [ "CVE-2015-5317", "GHSA-8pqx-3rxx-f5pm" ], "risk_score": 10.0, "exploitability": "2.0", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tpm3-6r5r-jfaq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/272496?format=api", "vulnerability_id": "VCID-vc2k-3a67-63cj", "summary": "", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2014:1630", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHBA-2014:1630" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3663.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3663.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2014-3663", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2014-3663" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3663", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20679", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20657", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20479", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3663" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3663", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3663" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147764", "reference_id": "1147764", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147764" }, { "reference_url": "https://github.com/advisories/GHSA-64mc-2m9p-23c8", "reference_id": "GHSA-64mc-2m9p-23c8", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-64mc-2m9p-23c8" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" } ], "fixed_packages": [], "aliases": [ "CVE-2014-3663", "GHSA-64mc-2m9p-23c8" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vc2k-3a67-63cj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/209950?format=api", "vulnerability_id": "VCID-w4qc-p5fs-6fc7", "summary": "Jenkins allows Cross-Site Scripting (XSS)", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5326.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5326.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5326", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.26022", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.26008", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.26006", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00092", "scoring_system": "epss", "scoring_elements": "0.25806", "published_at": "2026-06-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5326" }, { "reference_url": "https://github.com/jenkinsci/jenkins", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/abe561499bbba2e725804c1117fc957028bbd608", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/abe561499bbba2e725804c1117fc957028bbd608" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282369", "reference_id": "1282369", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282369" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5326", "reference_id": "CVE-2015-5326", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5326" }, { "reference_url": "https://github.com/advisories/GHSA-5mwr-jg3r-jv66", "reference_id": "GHSA-5mwr-jg3r-jv66", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5mwr-jg3r-jv66" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0489", "reference_id": "RHSA-2016:0489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0489" } ], "fixed_packages": [], "aliases": [ "CVE-2015-5326", "GHSA-5mwr-jg3r-jv66" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w4qc-p5fs-6fc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/277805?format=api", "vulnerability_id": "VCID-yfpr-syc7-tfb1", "summary": "", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1844.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1844.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1808.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1808.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1808", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.38779", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.38952", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.38974", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00175", "scoring_system": "epss", "scoring_elements": "0.38965", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1808" }, { "reference_url": "https://github.com/jenkinsci/jenkins", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1808", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1808" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205623", "reference_id": "1205623", "reference_type": "", "scores": [ { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205623" }, { "reference_url": "https://github.com/advisories/GHSA-3rwx-3vwh-mwxc", "reference_id": "GHSA-3rwx-3vwh-mwxc", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3rwx-3vwh-mwxc" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1844", "reference_id": "RHSA-2015:1844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" } ], "fixed_packages": [], "aliases": [ "CVE-2015-1808", "GHSA-3rwx-3vwh-mwxc" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yfpr-syc7-tfb1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/277810?format=api", "vulnerability_id": "VCID-z7tw-647w-k7a2", "summary": "", "references": [ { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-1844.html", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-1844.html" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1813.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-1813.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1813", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44109", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44263", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.44281", "published_at": "2026-06-13T12:55:00Z" }, { "value": "0.00215", "scoring_system": "epss", "scoring_elements": "0.4427", "published_at": "2026-06-14T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-1813" }, { "reference_url": "https://github.com/jenkinsci/jenkins", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/feb2703adb0c121705e5c8e9ddf8f663b6481cbd", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/feb2703adb0c121705e5c8e9ddf8f663b6481cbd" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1813", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1813" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205615", "reference_id": "1205615", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205615" }, { "reference_url": "https://github.com/advisories/GHSA-9h85-v6xf-h26q", "reference_id": "GHSA-9h85-v6xf-h26q", "reference_type": "", "scores": [ { "value": "LOW", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-9h85-v6xf-h26q" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1844", "reference_id": "RHSA-2015:1844", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1844" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N" }, { "value": "LOW", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" } ], "fixed_packages": [], "aliases": [ "CVE-2015-1813", "GHSA-9h85-v6xf-h26q" ], "risk_score": 1.4, "exploitability": "0.5", "weighted_severity": "2.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z7tw-647w-k7a2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/209954?format=api", "vulnerability_id": "VCID-zgx6-8gkv-b3h2", "summary": "Jenkins allows Exposure of Sensitive Information to an Unauthorized Actor", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5320.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5320.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5320", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.30808", "published_at": "2026-06-12T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.3061", "published_at": "2026-06-11T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.30811", "published_at": "2026-06-14T12:55:00Z" }, { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.30826", "published_at": "2026-06-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5320" }, { "reference_url": "https://github.com/jenkinsci/jenkins", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282363", "reference_id": "1282363", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1282363" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5320", "reference_id": "CVE-2015-5320", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-5320" }, { "reference_url": "https://github.com/advisories/GHSA-449q-v4j2-5h8p", "reference_id": "GHSA-449q-v4j2-5h8p", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-449q-v4j2-5h8p" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "RHSA-2016:0070", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0489", "reference_id": "RHSA-2016:0489", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0489" } ], "fixed_packages": [], "aliases": [ "CVE-2015-5320", "GHSA-449q-v4j2-5h8p" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zgx6-8gkv-b3h2" } ], "fixing_vulnerabilities": [], "risk_score": "10.0", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/nodejs-ini@1.1.0-6%3Farch=el7aos" }