Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.jenkins-ci.main/jenkins-core@1.640
Typemaven
Namespaceorg.jenkins-ci.main
Namejenkins-core
Version1.640
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.642.2
Latest_non_vulnerable_version2.555
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-619d-pxn6-fkce
vulnerability_id VCID-619d-pxn6-fkce
summary 
Jenkins Vulnerable to Cross-Site Request Forgery (CSRF) Attack
Cross-site request forgery (CSRF) vulnerability in Jenkins before 1.640 and LTS before 1.625.2 allows remote attackers to hijack the authentication of administrators for requests that have unspecified impact via vectors related to the HTTP GET method.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-0489.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0489.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:0070
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0070
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7537.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7537.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-7537
reference_id
reference_type
scores
0
value 0.00397
scoring_system epss
scoring_elements 0.60599
published_at 2026-04-21T12:55:00Z
1
value 0.00397
scoring_system epss
scoring_elements 0.60443
published_at 2026-04-01T12:55:00Z
2
value 0.00397
scoring_system epss
scoring_elements 0.60519
published_at 2026-04-02T12:55:00Z
3
value 0.00397
scoring_system epss
scoring_elements 0.60545
published_at 2026-04-04T12:55:00Z
4
value 0.00397
scoring_system epss
scoring_elements 0.60514
published_at 2026-04-07T12:55:00Z
5
value 0.00397
scoring_system epss
scoring_elements 0.60563
published_at 2026-04-08T12:55:00Z
6
value 0.00397
scoring_system epss
scoring_elements 0.60579
published_at 2026-04-09T12:55:00Z
7
value 0.00397
scoring_system epss
scoring_elements 0.606
published_at 2026-04-11T12:55:00Z
8
value 0.00397
scoring_system epss
scoring_elements 0.60585
published_at 2026-04-12T12:55:00Z
9
value 0.00397
scoring_system epss
scoring_elements 0.60565
published_at 2026-04-13T12:55:00Z
10
value 0.00397
scoring_system epss
scoring_elements 0.60605
published_at 2026-04-16T12:55:00Z
11
value 0.00397
scoring_system epss
scoring_elements 0.60611
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-7537
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://github.com/jenkinsci/jenkins/commit/40a28999e221a209212c30586be9c39049510bd1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/40a28999e221a209212c30586be9c39049510bd1
6
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1291795
reference_id 1291795
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1291795
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-7537
reference_id CVE-2015-7537
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-7537
13
reference_url https://github.com/advisories/GHSA-3vhr-f5xr-8vpx
reference_id GHSA-3vhr-f5xr-8vpx
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3vhr-f5xr-8vpx
14
reference_url https://access.redhat.com/errata/RHSA-2016:0489
reference_id RHSA-2016:0489
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0489
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.640
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.640
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.640
aliases CVE-2015-7537, GHSA-3vhr-f5xr-8vpx
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-619d-pxn6-fkce
1
url VCID-8q9g-qfve-93ba
vulnerability_id VCID-8q9g-qfve-93ba
summary 
Jenkins does not Verify Checksums for Plugin Files
The Plugins Manager in Jenkins before 1.640 and LTS before 1.625.2 does not verify checksums for plugin files referenced in update site data, which makes it easier for man-in-the-middle attackers to execute arbitrary code via a crafted plugin.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-0489.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0489.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:0070
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0070
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7539.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7539.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-7539
reference_id
reference_type
scores
0
value 0.0104
scoring_system epss
scoring_elements 0.77468
published_at 2026-04-18T12:55:00Z
1
value 0.0104
scoring_system epss
scoring_elements 0.7747
published_at 2026-04-16T12:55:00Z
2
value 0.0104
scoring_system epss
scoring_elements 0.77431
published_at 2026-04-13T12:55:00Z
3
value 0.0104
scoring_system epss
scoring_elements 0.77434
published_at 2026-04-12T12:55:00Z
4
value 0.0104
scoring_system epss
scoring_elements 0.77454
published_at 2026-04-11T12:55:00Z
5
value 0.0104
scoring_system epss
scoring_elements 0.77429
published_at 2026-04-09T12:55:00Z
6
value 0.0104
scoring_system epss
scoring_elements 0.77461
published_at 2026-04-21T12:55:00Z
7
value 0.0104
scoring_system epss
scoring_elements 0.77389
published_at 2026-04-07T12:55:00Z
8
value 0.0104
scoring_system epss
scoring_elements 0.77409
published_at 2026-04-04T12:55:00Z
9
value 0.0104
scoring_system epss
scoring_elements 0.77383
published_at 2026-04-02T12:55:00Z
10
value 0.0104
scoring_system epss
scoring_elements 0.77376
published_at 2026-04-01T12:55:00Z
11
value 0.0104
scoring_system epss
scoring_elements 0.7742
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-7539
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://github.com/jenkinsci/jenkins/commit/11479a2cc0a322a6bcd7e65667f3d24aa4d444bb
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/11479a2cc0a322a6bcd7e65667f3d24aa4d444bb
6
reference_url https://github.com/jenkinsci/jenkins/commit/97adb71aa4509f91e408a16ba312e817ec015cf4
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/97adb71aa4509f91e408a16ba312e817ec015cf4
7
reference_url https://github.com/jenkinsci/jenkins/commit/9ec88357a354d8354728cc06e2b8c8b68aee58bf
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/9ec88357a354d8354728cc06e2b8c8b68aee58bf
8
reference_url https://github.com/jenkinsci/jenkins/commit/c158648afa8888bc49ac337c973d4e4bc050118e
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/c158648afa8888bc49ac337c973d4e4bc050118e
9
reference_url https://github.com/jenkinsci/jenkins/commit/f99cb46e06f394637067730a82f46bddc3567295
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/f99cb46e06f394637067730a82f46bddc3567295
10
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1291798
reference_id 1291798
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1291798
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-7539
reference_id CVE-2015-7539
reference_type
scores
0
value 7.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:C/I:C/A:C
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
2
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-7539
17
reference_url https://github.com/advisories/GHSA-x274-9m9r-fm5g
reference_id GHSA-x274-9m9r-fm5g
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x274-9m9r-fm5g
18
reference_url https://access.redhat.com/errata/RHSA-2016:0489
reference_id RHSA-2016:0489
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0489
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.640
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.640
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.640
aliases CVE-2015-7539, GHSA-x274-9m9r-fm5g
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8q9g-qfve-93ba
2
url VCID-hkx6-feah-ckgv
vulnerability_id VCID-hkx6-feah-ckgv
summary 
Jenkins Vulnerable to Cross-Site Request Forgery (CSRF) Attack
Jenkins before 1.640 and LTS before 1.625.2 allow remote attackers to bypass the CSRF protection mechanism via unspecified vectors.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-0489.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0489.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:0070
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0070
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7538.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7538.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-7538
reference_id
reference_type
scores
0
value 0.00234
scoring_system epss
scoring_elements 0.46307
published_at 2026-04-13T12:55:00Z
1
value 0.00234
scoring_system epss
scoring_elements 0.46298
published_at 2026-04-12T12:55:00Z
2
value 0.00234
scoring_system epss
scoring_elements 0.46326
published_at 2026-04-11T12:55:00Z
3
value 0.00234
scoring_system epss
scoring_elements 0.46302
published_at 2026-04-09T12:55:00Z
4
value 0.00234
scoring_system epss
scoring_elements 0.46247
published_at 2026-04-07T12:55:00Z
5
value 0.00234
scoring_system epss
scoring_elements 0.463
published_at 2026-04-04T12:55:00Z
6
value 0.00234
scoring_system epss
scoring_elements 0.4624
published_at 2026-04-01T12:55:00Z
7
value 0.00234
scoring_system epss
scoring_elements 0.46281
published_at 2026-04-02T12:55:00Z
8
value 0.00234
scoring_system epss
scoring_elements 0.46305
published_at 2026-04-21T12:55:00Z
9
value 0.00234
scoring_system epss
scoring_elements 0.46361
published_at 2026-04-18T12:55:00Z
10
value 0.00234
scoring_system epss
scoring_elements 0.46364
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-7538
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://github.com/jenkinsci/jenkins/commit/ba747888108d0db90d469c6d210b1df465d8fac1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/ba747888108d0db90d469c6d210b1df465d8fac1
6
reference_url https://github.com/jenkinsci/jenkins/commit/ef2c0dc163695af3a57ad7a45571293377ff679b
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/ef2c0dc163695af3a57ad7a45571293377ff679b
7
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1291797
reference_id 1291797
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1291797
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-7538
reference_id CVE-2015-7538
reference_type
scores
0
value 6.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:P
1
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-7538
14
reference_url https://github.com/advisories/GHSA-w7qm-fprw-cqgq
reference_id GHSA-w7qm-fprw-cqgq
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w7qm-fprw-cqgq
15
reference_url https://access.redhat.com/errata/RHSA-2016:0489
reference_id RHSA-2016:0489
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0489
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.640
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.640
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.640
aliases CVE-2015-7538, GHSA-w7qm-fprw-cqgq
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hkx6-feah-ckgv
3
url VCID-hw73-944y-ubdp
vulnerability_id VCID-hw73-944y-ubdp
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site scripting (XSS) vulnerability in Jenkins before 1.640 and LTS before 1.625.2 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to workspaces and archived artifacts.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7536.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7536.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-7536
reference_id
reference_type
scores
0
value 0.00289
scoring_system epss
scoring_elements 0.52291
published_at 2026-04-02T12:55:00Z
1
value 0.00289
scoring_system epss
scoring_elements 0.52282
published_at 2026-04-07T12:55:00Z
2
value 0.00289
scoring_system epss
scoring_elements 0.52319
published_at 2026-04-04T12:55:00Z
3
value 0.00289
scoring_system epss
scoring_elements 0.52378
published_at 2026-04-21T12:55:00Z
4
value 0.00289
scoring_system epss
scoring_elements 0.52394
published_at 2026-04-18T12:55:00Z
5
value 0.00289
scoring_system epss
scoring_elements 0.52389
published_at 2026-04-16T12:55:00Z
6
value 0.00289
scoring_system epss
scoring_elements 0.5235
published_at 2026-04-13T12:55:00Z
7
value 0.00289
scoring_system epss
scoring_elements 0.52364
published_at 2026-04-12T12:55:00Z
8
value 0.00289
scoring_system epss
scoring_elements 0.5238
published_at 2026-04-11T12:55:00Z
9
value 0.00289
scoring_system epss
scoring_elements 0.5233
published_at 2026-04-09T12:55:00Z
10
value 0.00289
scoring_system epss
scoring_elements 0.52335
published_at 2026-04-08T12:55:00Z
11
value 0.00289
scoring_system epss
scoring_elements 0.52248
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-7536
2
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
3
reference_url https://github.com/jenkinsci/jenkins/commit/27c303417a226bf4c06a588570f28ac2e2507c6c
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/27c303417a226bf4c06a588570f28ac2e2507c6c
4
reference_url https://github.com/jenkinsci/jenkins/commit/d3fb2c09f29007dce84a213ae8323df1105dcc30
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/d3fb2c09f29007dce84a213ae8323df1105dcc30
5
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-12-09
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1291794
reference_id 1291794
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1291794
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-7536
reference_id CVE-2015-7536
reference_type
scores
0
value 3.5
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:N/I:P/A:N
1
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
2
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-7536
10
reference_url https://github.com/advisories/GHSA-x3p3-929j-pq66
reference_id GHSA-x3p3-929j-pq66
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x3p3-929j-pq66
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.625.2
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.640
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.640
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.640
aliases CVE-2015-7536, GHSA-x3p3-929j-pq66
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hw73-944y-ubdp
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.640