Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.jenkins-ci.main/jenkins-core@1.638
Typemaven
Namespaceorg.jenkins-ci.main
Namejenkins-core
Version1.638
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.640
Latest_non_vulnerable_version2.555
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-8g3u-4dyc-6fak
vulnerability_id VCID-8g3u-4dyc-6fak
summary 
Jenkins has Information Disclosure via Sidepanel Widget
The sidepanel widgets in the CLI command overview and help pages in Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a direct request to the pages.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-0489.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0489.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:0070
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0070
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5321.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5321.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5321
reference_id
reference_type
scores
0
value 0.00209
scoring_system epss
scoring_elements 0.4333
published_at 2026-04-04T12:55:00Z
1
value 0.00209
scoring_system epss
scoring_elements 0.43358
published_at 2026-04-18T12:55:00Z
2
value 0.00209
scoring_system epss
scoring_elements 0.43369
published_at 2026-04-16T12:55:00Z
3
value 0.00209
scoring_system epss
scoring_elements 0.43245
published_at 2026-04-01T12:55:00Z
4
value 0.00209
scoring_system epss
scoring_elements 0.43301
published_at 2026-04-02T12:55:00Z
5
value 0.00209
scoring_system epss
scoring_elements 0.43308
published_at 2026-04-13T12:55:00Z
6
value 0.00209
scoring_system epss
scoring_elements 0.43323
published_at 2026-04-12T12:55:00Z
7
value 0.00209
scoring_system epss
scoring_elements 0.43354
published_at 2026-04-11T12:55:00Z
8
value 0.00209
scoring_system epss
scoring_elements 0.43334
published_at 2026-04-09T12:55:00Z
9
value 0.00209
scoring_system epss
scoring_elements 0.43319
published_at 2026-04-08T12:55:00Z
10
value 0.00209
scoring_system epss
scoring_elements 0.43267
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5321
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://github.com/jenkinsci/jenkins/commit/251bdb00ab3cf4435416f0a55fa3bccf7f58896a
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/251bdb00ab3cf4435416f0a55fa3bccf7f58896a
6
reference_url https://github.com/jenkinsci/jenkins/commit/9e439d462c28fe1c96799c89709dc5d0cb8ab8fa
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/9e439d462c28fe1c96799c89709dc5d0cb8ab8fa
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1282364
reference_id 1282364
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1282364
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5321
reference_id CVE-2015-5321
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5321
13
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
reference_id CVE-2015-8103;OSVDB-130184
reference_type exploit
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
14
reference_url https://github.com/advisories/GHSA-4653-rmch-3g2g
reference_id GHSA-4653-rmch-3g2g
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4653-rmch-3g2g
15
reference_url https://access.redhat.com/errata/RHSA-2016:0489
reference_id RHSA-2016:0489
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0489
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
aliases CVE-2015-5321, GHSA-4653-rmch-3g2g
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8g3u-4dyc-6fak
1
url VCID-ejrj-pum8-9qa3
vulnerability_id VCID-ejrj-pum8-9qa3
summary 
Jenkins Vulnerable to Cross-Site Request Forgery (CSRF) Attack
Jenkins before 1.638 and LTS before 1.625.2 uses a publicly accessible salt to generate CSRF protection tokens, which makes it easier for remote attackers to bypass the CSRF protection mechanism via a brute force attack.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-0489.html
reference_id
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0489.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:0070
reference_id
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0070
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5318.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5318.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5318
reference_id
reference_type
scores
0
value 0.00058
scoring_system epss
scoring_elements 0.18157
published_at 2026-04-12T12:55:00Z
1
value 0.00058
scoring_system epss
scoring_elements 0.18203
published_at 2026-04-11T12:55:00Z
2
value 0.00058
scoring_system epss
scoring_elements 0.18199
published_at 2026-04-09T12:55:00Z
3
value 0.00058
scoring_system epss
scoring_elements 0.18143
published_at 2026-04-08T12:55:00Z
4
value 0.00058
scoring_system epss
scoring_elements 0.1806
published_at 2026-04-07T12:55:00Z
5
value 0.00058
scoring_system epss
scoring_elements 0.18147
published_at 2026-04-01T12:55:00Z
6
value 0.00058
scoring_system epss
scoring_elements 0.18304
published_at 2026-04-02T12:55:00Z
7
value 0.00058
scoring_system epss
scoring_elements 0.18358
published_at 2026-04-04T12:55:00Z
8
value 0.00058
scoring_system epss
scoring_elements 0.18061
published_at 2026-04-18T12:55:00Z
9
value 0.00058
scoring_system epss
scoring_elements 0.18048
published_at 2026-04-16T12:55:00Z
10
value 0.00058
scoring_system epss
scoring_elements 0.18106
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5318
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://github.com/jenkinsci/jenkins/commit/f53802bb82a25b295b6dfa3bf2a591a6c8552183
reference_id
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/f53802bb82a25b295b6dfa3bf2a591a6c8552183
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1282361
reference_id 1282361
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1282361
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5318
reference_id CVE-2015-5318
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5318
12
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
reference_id CVE-2015-8103;OSVDB-130184
reference_type exploit
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
13
reference_url https://github.com/advisories/GHSA-3wmv-7php-rhg5
reference_id GHSA-3wmv-7php-rhg5
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3wmv-7php-rhg5
14
reference_url https://access.redhat.com/errata/RHSA-2016:0489
reference_id RHSA-2016:0489
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0489
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
aliases CVE-2015-5318, GHSA-3wmv-7php-rhg5
risk_score 3.0
exploitability 0.5
weighted_severity 6.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ejrj-pum8-9qa3
2
url VCID-gbeg-v39c-hfe5
vulnerability_id VCID-gbeg-v39c-hfe5
summary 
Jenkins allows Administrators to Access API Tokens
Jenkins before 1.638 and LTS before 1.625.2 do not properly restrict access to API tokens which might allow remote administrators to gain privileges and run scripts by using an API token of another user.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-0489.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0489.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:0070
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0070
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5323.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5323.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5323
reference_id
reference_type
scores
0
value 0.00201
scoring_system epss
scoring_elements 0.42166
published_at 2026-04-12T12:55:00Z
1
value 0.00201
scoring_system epss
scoring_elements 0.42203
published_at 2026-04-11T12:55:00Z
2
value 0.00201
scoring_system epss
scoring_elements 0.4218
published_at 2026-04-09T12:55:00Z
3
value 0.00201
scoring_system epss
scoring_elements 0.42169
published_at 2026-04-08T12:55:00Z
4
value 0.00201
scoring_system epss
scoring_elements 0.42118
published_at 2026-04-07T12:55:00Z
5
value 0.00201
scoring_system epss
scoring_elements 0.42092
published_at 2026-04-01T12:55:00Z
6
value 0.00201
scoring_system epss
scoring_elements 0.42151
published_at 2026-04-02T12:55:00Z
7
value 0.00201
scoring_system epss
scoring_elements 0.42178
published_at 2026-04-04T12:55:00Z
8
value 0.00201
scoring_system epss
scoring_elements 0.42165
published_at 2026-04-18T12:55:00Z
9
value 0.00201
scoring_system epss
scoring_elements 0.4219
published_at 2026-04-16T12:55:00Z
10
value 0.00201
scoring_system epss
scoring_elements 0.42139
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5323
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://github.com/jenkinsci/jenkins/commit/b3f16489ad5f15c3e749ed066cf6b4251f6668c6
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/b3f16489ad5f15c3e749ed066cf6b4251f6668c6
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1282366
reference_id 1282366
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1282366
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5323
reference_id CVE-2015-5323
reference_type
scores
0
value 6.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:P
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5323
12
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
reference_id CVE-2015-8103;OSVDB-130184
reference_type exploit
scores
0
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
13
reference_url https://github.com/advisories/GHSA-x4m5-j4x4-4wjg
reference_id GHSA-x4m5-j4x4-4wjg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x4m5-j4x4-4wjg
14
reference_url https://access.redhat.com/errata/RHSA-2016:0489
reference_id RHSA-2016:0489
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0489
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
aliases CVE-2015-5323, GHSA-x4m5-j4x4-4wjg
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gbeg-v39c-hfe5
3
url VCID-jfpr-4eze-j3f1
vulnerability_id VCID-jfpr-4eze-j3f1
summary 
Jenkins allows Cross-Site Scripting (XSS)
Cross-site scripting (XSS) vulnerability in the slave overview page in Jenkins before 1.638 and LTS before 1.625.2 allows remote authenticated users with certain permissions to inject arbitrary web script or HTML via the slave offline status message.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-0489.html
reference_id
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0489.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:0070
reference_id
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0070
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5326.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5326.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5326
reference_id
reference_type
scores
0
value 0.0016
scoring_system epss
scoring_elements 0.36934
published_at 2026-04-12T12:55:00Z
1
value 0.0016
scoring_system epss
scoring_elements 0.36969
published_at 2026-04-11T12:55:00Z
2
value 0.0016
scoring_system epss
scoring_elements 0.3696
published_at 2026-04-09T12:55:00Z
3
value 0.0016
scoring_system epss
scoring_elements 0.36948
published_at 2026-04-08T12:55:00Z
4
value 0.0016
scoring_system epss
scoring_elements 0.36897
published_at 2026-04-07T12:55:00Z
5
value 0.0016
scoring_system epss
scoring_elements 0.36866
published_at 2026-04-01T12:55:00Z
6
value 0.0016
scoring_system epss
scoring_elements 0.37035
published_at 2026-04-02T12:55:00Z
7
value 0.0016
scoring_system epss
scoring_elements 0.37069
published_at 2026-04-04T12:55:00Z
8
value 0.0016
scoring_system epss
scoring_elements 0.36938
published_at 2026-04-18T12:55:00Z
9
value 0.0016
scoring_system epss
scoring_elements 0.36953
published_at 2026-04-16T12:55:00Z
10
value 0.0016
scoring_system epss
scoring_elements 0.36909
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5326
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://github.com/jenkinsci/jenkins/commit/abe561499bbba2e725804c1117fc957028bbd608
reference_id
reference_type
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/abe561499bbba2e725804c1117fc957028bbd608
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1282369
reference_id 1282369
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1282369
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5326
reference_id CVE-2015-5326
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:P/A:N
1
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5326
12
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
reference_id CVE-2015-8103;OSVDB-130184
reference_type exploit
scores
0
value 2.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
13
reference_url https://github.com/advisories/GHSA-5mwr-jg3r-jv66
reference_id GHSA-5mwr-jg3r-jv66
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5mwr-jg3r-jv66
14
reference_url https://access.redhat.com/errata/RHSA-2016:0489
reference_id RHSA-2016:0489
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0489
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
aliases CVE-2015-5326, GHSA-5mwr-jg3r-jv66
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jfpr-4eze-j3f1
4
url VCID-n5z8-5v21-g7e9
vulnerability_id VCID-n5z8-5v21-g7e9
summary 
Jenkins has Local File Inclusion Vulnerability
Directory traversal vulnerability in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to list directory contents and read arbitrary files in the Jenkins servlet resources via directory traversal sequences in a request to jnlpJars/.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-0489.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0489.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:0070
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0070
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5322.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5322.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5322
reference_id
reference_type
scores
0
value 0.00169
scoring_system epss
scoring_elements 0.38097
published_at 2026-04-12T12:55:00Z
1
value 0.00169
scoring_system epss
scoring_elements 0.38134
published_at 2026-04-11T12:55:00Z
2
value 0.00169
scoring_system epss
scoring_elements 0.38116
published_at 2026-04-09T12:55:00Z
3
value 0.00169
scoring_system epss
scoring_elements 0.38108
published_at 2026-04-08T12:55:00Z
4
value 0.00169
scoring_system epss
scoring_elements 0.38058
published_at 2026-04-07T12:55:00Z
5
value 0.00169
scoring_system epss
scoring_elements 0.37984
published_at 2026-04-01T12:55:00Z
6
value 0.00169
scoring_system epss
scoring_elements 0.38164
published_at 2026-04-02T12:55:00Z
7
value 0.00169
scoring_system epss
scoring_elements 0.38187
published_at 2026-04-04T12:55:00Z
8
value 0.00169
scoring_system epss
scoring_elements 0.38099
published_at 2026-04-18T12:55:00Z
9
value 0.00169
scoring_system epss
scoring_elements 0.38119
published_at 2026-04-16T12:55:00Z
10
value 0.00169
scoring_system epss
scoring_elements 0.38073
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5322
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://github.com/jenkinsci/jenkins/commit/5431e397216b4ab80e58bdabcb06a0066bce6592
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/5431e397216b4ab80e58bdabcb06a0066bce6592
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1282365
reference_id 1282365
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1282365
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5322
reference_id CVE-2015-5322
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5322
12
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
reference_id CVE-2015-8103;OSVDB-130184
reference_type exploit
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
13
reference_url https://github.com/advisories/GHSA-89vc-7frq-2rfj
reference_id GHSA-89vc-7frq-2rfj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-89vc-7frq-2rfj
14
reference_url https://access.redhat.com/errata/RHSA-2016:0489
reference_id RHSA-2016:0489
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0489
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
aliases CVE-2015-5322, GHSA-89vc-7frq-2rfj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n5z8-5v21-g7e9
5
url VCID-qpec-wa2s-23f3
vulnerability_id VCID-qpec-wa2s-23f3
summary 
Jenkins allows Bypass of Access Restrictions
Jenkins before 1.638 and LTS before 1.625.2 allow attackers to bypass intended slave-to-master access restrictions by leveraging a JNLP slave. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-3665.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-0489.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0489.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:0070
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0070
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5325.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5325.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5325
reference_id
reference_type
scores
0
value 0.00127
scoring_system epss
scoring_elements 0.32064
published_at 2026-04-12T12:55:00Z
1
value 0.00127
scoring_system epss
scoring_elements 0.32103
published_at 2026-04-11T12:55:00Z
2
value 0.00127
scoring_system epss
scoring_elements 0.321
published_at 2026-04-09T12:55:00Z
3
value 0.00127
scoring_system epss
scoring_elements 0.3207
published_at 2026-04-08T12:55:00Z
4
value 0.00127
scoring_system epss
scoring_elements 0.32019
published_at 2026-04-07T12:55:00Z
5
value 0.00127
scoring_system epss
scoring_elements 0.3203
published_at 2026-04-01T12:55:00Z
6
value 0.00127
scoring_system epss
scoring_elements 0.32157
published_at 2026-04-02T12:55:00Z
7
value 0.00127
scoring_system epss
scoring_elements 0.32196
published_at 2026-04-04T12:55:00Z
8
value 0.00127
scoring_system epss
scoring_elements 0.32043
published_at 2026-04-18T12:55:00Z
9
value 0.00127
scoring_system epss
scoring_elements 0.32067
published_at 2026-04-16T12:55:00Z
10
value 0.00127
scoring_system epss
scoring_elements 0.32033
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5325
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://github.com/jenkinsci/jenkins/commit/054a329c59171ca12ff98f7063ce7fd053ee08bf
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/054a329c59171ca12ff98f7063ce7fd053ee08bf
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1282368
reference_id 1282368
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1282368
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5325
reference_id CVE-2015-5325
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5325
12
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
reference_id CVE-2015-8103;OSVDB-130184
reference_type exploit
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
13
reference_url https://github.com/advisories/GHSA-x2q2-8pwq-fr5r
reference_id GHSA-x2q2-8pwq-fr5r
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x2q2-8pwq-fr5r
14
reference_url https://access.redhat.com/errata/RHSA-2016:0489
reference_id RHSA-2016:0489
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0489
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
aliases CVE-2015-5325, GHSA-x2q2-8pwq-fr5r
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qpec-wa2s-23f3
6
url VCID-tsy7-92cs-6uc1
vulnerability_id VCID-tsy7-92cs-6uc1
summary 
Jenkins discloses project names via fingerprints
The Fingerprints pages in Jenkins before 1.638 and LTS before 1.625.2 might allow remote attackers to obtain sensitive job and build name information via a direct request.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-0489.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:39:09Z/
url http://rhn.redhat.com/errata/RHSA-2016-0489.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:0070
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:39:09Z/
url https://access.redhat.com/errata/RHSA-2016:0070
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5317.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5317.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5317
reference_id
reference_type
scores
0
value 0.27392
scoring_system epss
scoring_elements 0.96403
published_at 2026-04-08T12:55:00Z
1
value 0.27392
scoring_system epss
scoring_elements 0.96395
published_at 2026-04-07T12:55:00Z
2
value 0.27392
scoring_system epss
scoring_elements 0.96421
published_at 2026-04-16T12:55:00Z
3
value 0.27392
scoring_system epss
scoring_elements 0.96425
published_at 2026-04-18T12:55:00Z
4
value 0.27392
scoring_system epss
scoring_elements 0.9638
published_at 2026-04-01T12:55:00Z
5
value 0.27392
scoring_system epss
scoring_elements 0.96391
published_at 2026-04-04T12:55:00Z
6
value 0.27392
scoring_system epss
scoring_elements 0.96414
published_at 2026-04-13T12:55:00Z
7
value 0.27392
scoring_system epss
scoring_elements 0.96411
published_at 2026-04-12T12:55:00Z
8
value 0.27392
scoring_system epss
scoring_elements 0.96406
published_at 2026-04-09T12:55:00Z
9
value 0.27392
scoring_system epss
scoring_elements 0.96387
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5317
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://github.com/jenkinsci/jenkins/commit/0594c4cbccd24d4883fc0150e8fc511c9da63eb4
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/0594c4cbccd24d4883fc0150e8fc511c9da63eb4
6
reference_url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-5317
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2015-5317
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1282359
reference_id 1282359
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1282359
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5317
reference_id CVE-2015-5317
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
2
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5317
13
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
reference_id CVE-2015-8103;OSVDB-130184
reference_type exploit
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Attend
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:P/P:M/B:A/M:M/D:A/2025-02-07T13:39:09Z/
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
14
reference_url https://github.com/advisories/GHSA-8pqx-3rxx-f5pm
reference_id GHSA-8pqx-3rxx-f5pm
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8pqx-3rxx-f5pm
15
reference_url https://access.redhat.com/errata/RHSA-2016:0489
reference_id RHSA-2016:0489
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0489
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
aliases CVE-2015-5317, GHSA-8pqx-3rxx-f5pm
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tsy7-92cs-6uc1
7
url VCID-vcqm-2bae-w3e7
vulnerability_id VCID-vcqm-2bae-w3e7
summary 
Jenkins has XML External Entity (XXE) Vulnerability in Job Configuration via CLI
XML external entity (XXE) vulnerability in the create-job CLI command in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to read arbitrary files via a crafted job configuration that is then used in an "XML-aware tool," as demonstrated by get-job and update-job.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-0489.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0489.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:0070
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0070
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5319.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5319.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5319
reference_id
reference_type
scores
0
value 0.00316
scoring_system epss
scoring_elements 0.54739
published_at 2026-04-12T12:55:00Z
1
value 0.00316
scoring_system epss
scoring_elements 0.54754
published_at 2026-04-11T12:55:00Z
2
value 0.00316
scoring_system epss
scoring_elements 0.54742
published_at 2026-04-09T12:55:00Z
3
value 0.00316
scoring_system epss
scoring_elements 0.54747
published_at 2026-04-08T12:55:00Z
4
value 0.00316
scoring_system epss
scoring_elements 0.54694
published_at 2026-04-07T12:55:00Z
5
value 0.00316
scoring_system epss
scoring_elements 0.54631
published_at 2026-04-01T12:55:00Z
6
value 0.00316
scoring_system epss
scoring_elements 0.54702
published_at 2026-04-02T12:55:00Z
7
value 0.00316
scoring_system epss
scoring_elements 0.54724
published_at 2026-04-04T12:55:00Z
8
value 0.00316
scoring_system epss
scoring_elements 0.54757
published_at 2026-04-18T12:55:00Z
9
value 0.00316
scoring_system epss
scoring_elements 0.54755
published_at 2026-04-16T12:55:00Z
10
value 0.00316
scoring_system epss
scoring_elements 0.54717
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5319
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://github.com/jenkinsci/jenkins/commit/e78e9e8144f7304cf274cd4b756f458cf63a3556
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/e78e9e8144f7304cf274cd4b756f458cf63a3556
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1282362
reference_id 1282362
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1282362
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
11
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5319
reference_id CVE-2015-5319
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5319
12
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
reference_id CVE-2015-8103;OSVDB-130184
reference_type exploit
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
13
reference_url https://github.com/advisories/GHSA-3j9c-cp7m-8w8g
reference_id GHSA-3j9c-cp7m-8w8g
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3j9c-cp7m-8w8g
14
reference_url https://access.redhat.com/errata/RHSA-2016:0489
reference_id RHSA-2016:0489
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0489
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
aliases CVE-2015-5319, GHSA-3j9c-cp7m-8w8g
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vcqm-2bae-w3e7
8
url VCID-w9zw-vvsw-3qbb
vulnerability_id VCID-w9zw-vvsw-3qbb
summary 
Jenkins allows Exposure of Sensitive Information to an Unauthorized Actor
Jenkins before 1.638 and LTS before 1.625.2 do not properly verify the shared secret used in JNLP slave connections, which allows remote attackers to connect as slaves and obtain sensitive information or possibly gain administrative access by leveraging knowledge of the name of a slave.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-0489.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0489.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:0070
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0070
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5320.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5320.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5320
reference_id
reference_type
scores
0
value 0.00209
scoring_system epss
scoring_elements 0.43358
published_at 2026-04-18T12:55:00Z
1
value 0.00209
scoring_system epss
scoring_elements 0.4333
published_at 2026-04-04T12:55:00Z
2
value 0.00209
scoring_system epss
scoring_elements 0.43267
published_at 2026-04-07T12:55:00Z
3
value 0.00209
scoring_system epss
scoring_elements 0.43319
published_at 2026-04-08T12:55:00Z
4
value 0.00209
scoring_system epss
scoring_elements 0.43334
published_at 2026-04-09T12:55:00Z
5
value 0.00209
scoring_system epss
scoring_elements 0.43354
published_at 2026-04-11T12:55:00Z
6
value 0.00209
scoring_system epss
scoring_elements 0.43323
published_at 2026-04-12T12:55:00Z
7
value 0.00209
scoring_system epss
scoring_elements 0.43308
published_at 2026-04-13T12:55:00Z
8
value 0.00209
scoring_system epss
scoring_elements 0.43369
published_at 2026-04-16T12:55:00Z
9
value 0.00209
scoring_system epss
scoring_elements 0.43245
published_at 2026-04-01T12:55:00Z
10
value 0.00209
scoring_system epss
scoring_elements 0.43301
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5320
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1282363
reference_id 1282363
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1282363
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5320
reference_id CVE-2015-5320
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5320
11
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
reference_id CVE-2015-8103;OSVDB-130184
reference_type exploit
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
12
reference_url https://github.com/advisories/GHSA-449q-v4j2-5h8p
reference_id GHSA-449q-v4j2-5h8p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-449q-v4j2-5h8p
13
reference_url https://access.redhat.com/errata/RHSA-2016:0489
reference_id RHSA-2016:0489
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0489
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
aliases CVE-2015-5320, GHSA-449q-v4j2-5h8p
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w9zw-vvsw-3qbb
9
url VCID-zfsk-m177-9qch
vulnerability_id VCID-zfsk-m177-9qch
summary 
Jenkins allows Unauthorized Viewing of Queue API Information
Jenkins before 1.638 and LTS before 1.625.2 allow remote attackers to obtain sensitive information via a direct request to queue/api.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-0489.html
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0489.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:0070
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0070
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5324.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5324.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5324
reference_id
reference_type
scores
0
value 0.00284
scoring_system epss
scoring_elements 0.51686
published_at 2026-04-01T12:55:00Z
1
value 0.00284
scoring_system epss
scoring_elements 0.51837
published_at 2026-04-18T12:55:00Z
2
value 0.00284
scoring_system epss
scoring_elements 0.5183
published_at 2026-04-16T12:55:00Z
3
value 0.00284
scoring_system epss
scoring_elements 0.51762
published_at 2026-04-04T12:55:00Z
4
value 0.00284
scoring_system epss
scoring_elements 0.51736
published_at 2026-04-02T12:55:00Z
5
value 0.00284
scoring_system epss
scoring_elements 0.51788
published_at 2026-04-13T12:55:00Z
6
value 0.00284
scoring_system epss
scoring_elements 0.51803
published_at 2026-04-12T12:55:00Z
7
value 0.00284
scoring_system epss
scoring_elements 0.51824
published_at 2026-04-11T12:55:00Z
8
value 0.00284
scoring_system epss
scoring_elements 0.51774
published_at 2026-04-09T12:55:00Z
9
value 0.00284
scoring_system epss
scoring_elements 0.51778
published_at 2026-04-08T12:55:00Z
10
value 0.00284
scoring_system epss
scoring_elements 0.51723
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5324
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://github.com/jenkinsci/jenkins/commit/33b55588a6a5f844a59f2cd8940d385c6d412eb5
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/33b55588a6a5f844a59f2cd8940d385c6d412eb5
6
reference_url https://github.com/jenkinsci/jenkins/commit/4a72e938d58598cd4bd3caa48ee9e8a3f60c30e4
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/4a72e938d58598cd4bd3caa48ee9e8a3f60c30e4
7
reference_url https://github.com/jenkinsci/jenkins/commit/581eb9ceb354b8a55c010d0547ff73cb6fd67a75
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/581eb9ceb354b8a55c010d0547ff73cb6fd67a75
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1282367
reference_id 1282367
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1282367
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5324
reference_id CVE-2015-5324
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5324
14
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
reference_id CVE-2015-8103;OSVDB-130184
reference_type exploit
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
15
reference_url https://github.com/advisories/GHSA-5xmf-9vgr-53mj
reference_id GHSA-5xmf-9vgr-53mj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5xmf-9vgr-53mj
16
reference_url https://access.redhat.com/errata/RHSA-2016:0489
reference_id RHSA-2016:0489
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0489
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.638
aliases CVE-2015-5324, GHSA-5xmf-9vgr-53mj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zfsk-m177-9qch
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.638