Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.jenkins-ci.main/jenkins-core@1.651.2
Typemaven
Namespaceorg.jenkins-ci.main
Namejenkins-core
Version1.651.2
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.3
Latest_non_vulnerable_version2.555
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-5tfj-bm2b-ffhm
vulnerability_id VCID-5tfj-bm2b-ffhm
summary 
Jenkins Exposes Sensitive Information via API URL
The API URL computer/(master)/api/xml in Jenkins before 2.3 and LTS before 1.651.2 allows remote authenticated users with extended read permission for the master node to obtain sensitive information about the global configuration via unspecified vectors.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:1206
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1206
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3727.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3727.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3727
reference_id
reference_type
scores
0
value 0.0009
scoring_system epss
scoring_elements 0.25387
published_at 2026-04-16T12:55:00Z
1
value 0.0009
scoring_system epss
scoring_elements 0.25576
published_at 2026-04-04T12:55:00Z
2
value 0.0009
scoring_system epss
scoring_elements 0.25309
published_at 2026-04-24T12:55:00Z
3
value 0.0009
scoring_system epss
scoring_elements 0.25347
published_at 2026-04-21T12:55:00Z
4
value 0.0009
scoring_system epss
scoring_elements 0.25377
published_at 2026-04-18T12:55:00Z
5
value 0.0009
scoring_system epss
scoring_elements 0.25349
published_at 2026-04-07T12:55:00Z
6
value 0.0009
scoring_system epss
scoring_elements 0.25539
published_at 2026-04-02T12:55:00Z
7
value 0.0009
scoring_system epss
scoring_elements 0.2538
published_at 2026-04-13T12:55:00Z
8
value 0.0009
scoring_system epss
scoring_elements 0.25434
published_at 2026-04-12T12:55:00Z
9
value 0.0009
scoring_system epss
scoring_elements 0.25476
published_at 2026-04-11T12:55:00Z
10
value 0.0009
scoring_system epss
scoring_elements 0.25464
published_at 2026-04-09T12:55:00Z
11
value 0.0009
scoring_system epss
scoring_elements 0.25473
published_at 2026-04-01T12:55:00Z
12
value 0.0009
scoring_system epss
scoring_elements 0.25417
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3727
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://github.com/jenkinsci/jenkins/commit/d66ad6f3ee46a5c6bb865bb831e8cdfc74cd7eb3
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/d66ad6f3ee46a5c6bb865bb831e8cdfc74cd7eb3
6
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
7
reference_url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1335422
reference_id 1335422
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1335422
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3727
reference_id CVE-2016-3727
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:N/A:N
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3727
14
reference_url https://github.com/advisories/GHSA-6cr3-cm5h-8q96
reference_id GHSA-6cr3-cm5h-8q96
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-6cr3-cm5h-8q96
15
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.651.2
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.651.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.651.2
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.3
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.3
aliases CVE-2016-3727, GHSA-6cr3-cm5h-8q96
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5tfj-bm2b-ffhm
1
url VCID-b69p-t71y-hbhd
vulnerability_id VCID-b69p-t71y-hbhd
summary 
Jenkins affected by Open Redirect Vulnerability
Multiple open redirect vulnerabilities in Jenkins before 2.3 and LTS before 1.651.2 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors related to "scheme-relative" URLs.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:1206
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1206
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3726.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3726.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3726
reference_id
reference_type
scores
0
value 0.00081
scoring_system epss
scoring_elements 0.23738
published_at 2026-04-16T12:55:00Z
1
value 0.00081
scoring_system epss
scoring_elements 0.23727
published_at 2026-04-13T12:55:00Z
2
value 0.00081
scoring_system epss
scoring_elements 0.23784
published_at 2026-04-12T12:55:00Z
3
value 0.00081
scoring_system epss
scoring_elements 0.23828
published_at 2026-04-11T12:55:00Z
4
value 0.00081
scoring_system epss
scoring_elements 0.23814
published_at 2026-04-09T12:55:00Z
5
value 0.00081
scoring_system epss
scoring_elements 0.23908
published_at 2026-04-04T12:55:00Z
6
value 0.00081
scoring_system epss
scoring_elements 0.23592
published_at 2026-04-24T12:55:00Z
7
value 0.00081
scoring_system epss
scoring_elements 0.23703
published_at 2026-04-21T12:55:00Z
8
value 0.00081
scoring_system epss
scoring_elements 0.23726
published_at 2026-04-18T12:55:00Z
9
value 0.00081
scoring_system epss
scoring_elements 0.23697
published_at 2026-04-07T12:55:00Z
10
value 0.00081
scoring_system epss
scoring_elements 0.23867
published_at 2026-04-02T12:55:00Z
11
value 0.00081
scoring_system epss
scoring_elements 0.23751
published_at 2026-04-01T12:55:00Z
12
value 0.00081
scoring_system epss
scoring_elements 0.23767
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3726
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://github.com/jenkinsci/jenkins/commit/2ed0c046dfbb2003a17df27c53777e72c6eaff25
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/2ed0c046dfbb2003a17df27c53777e72c6eaff25
6
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
7
reference_url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1335421
reference_id 1335421
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1335421
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3726
reference_id CVE-2016-3726
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
1
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
2
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3726
14
reference_url https://github.com/advisories/GHSA-rx4r-gxpc-h85x
reference_id GHSA-rx4r-gxpc-h85x
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rx4r-gxpc-h85x
15
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.651.2
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.651.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.651.2
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.3
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.3
aliases CVE-2016-3726, GHSA-rx4r-gxpc-h85x
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b69p-t71y-hbhd
2
url VCID-jaty-3r2s-pqc2
vulnerability_id VCID-jaty-3r2s-pqc2
summary 
Jenkins allows Remote Users to Inject Build Parameters
Jenkins before 2.3 and LTS before 1.651.2 might allow remote authenticated users to inject arbitrary build parameters into the build environment via environment variables.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-02T17:22:46Z/
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:1206
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-02T17:22:46Z/
url https://access.redhat.com/errata/RHSA-2016:1206
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3721.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3721.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3721
reference_id
reference_type
scores
0
value 0.00379
scoring_system epss
scoring_elements 0.59419
published_at 2026-04-24T12:55:00Z
1
value 0.00379
scoring_system epss
scoring_elements 0.59425
published_at 2026-04-13T12:55:00Z
2
value 0.00379
scoring_system epss
scoring_elements 0.5946
published_at 2026-04-11T12:55:00Z
3
value 0.00379
scoring_system epss
scoring_elements 0.59441
published_at 2026-04-09T12:55:00Z
4
value 0.00379
scoring_system epss
scoring_elements 0.59428
published_at 2026-04-08T12:55:00Z
5
value 0.00379
scoring_system epss
scoring_elements 0.59377
published_at 2026-04-07T12:55:00Z
6
value 0.00379
scoring_system epss
scoring_elements 0.59457
published_at 2026-04-16T12:55:00Z
7
value 0.00379
scoring_system epss
scoring_elements 0.59464
published_at 2026-04-18T12:55:00Z
8
value 0.00379
scoring_system epss
scoring_elements 0.59444
published_at 2026-04-21T12:55:00Z
9
value 0.00379
scoring_system epss
scoring_elements 0.59411
published_at 2026-04-04T12:55:00Z
10
value 0.00379
scoring_system epss
scoring_elements 0.59313
published_at 2026-04-01T12:55:00Z
11
value 0.00379
scoring_system epss
scoring_elements 0.59387
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3721
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://wiki.jenkins-ci.org/display/JENKINS/Plugins+affected+by+fix+for+SECURITY-170
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-02T17:22:46Z/
url https://wiki.jenkins-ci.org/display/JENKINS/Plugins+affected+by+fix+for+SECURITY-170
6
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-02T17:22:46Z/
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
7
reference_url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-02T17:22:46Z/
url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
8
reference_url http://www.openwall.com/lists/oss-security/2024/05/02/3
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-02T17:22:46Z/
url http://www.openwall.com/lists/oss-security/2024/05/02/3
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1335415
reference_id 1335415
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1335415
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3721
reference_id CVE-2016-3721
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:N/I:P/A:N
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
2
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
3
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
4
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3721
15
reference_url https://github.com/advisories/GHSA-qf2h-h3xq-j93j
reference_id GHSA-qf2h-h3xq-j93j
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qf2h-h3xq-j93j
16
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.651.2
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.651.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.651.2
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.3
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.3
aliases CVE-2016-3721, GHSA-qf2h-h3xq-j93j
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jaty-3r2s-pqc2
3
url VCID-kt3k-9uyt-13d1
vulnerability_id VCID-kt3k-9uyt-13d1
summary 
Jenkins Exposes Sensitive Information from Job Configuration
Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with extended read access to obtain sensitive password information by reading a job configuration.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:1206
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1206
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3724.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3724.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3724
reference_id
reference_type
scores
0
value 0.00252
scoring_system epss
scoring_elements 0.48544
published_at 2026-04-13T12:55:00Z
1
value 0.00252
scoring_system epss
scoring_elements 0.48531
published_at 2026-04-24T12:55:00Z
2
value 0.00252
scoring_system epss
scoring_elements 0.48558
published_at 2026-04-11T12:55:00Z
3
value 0.00252
scoring_system epss
scoring_elements 0.48535
published_at 2026-04-04T12:55:00Z
4
value 0.00252
scoring_system epss
scoring_elements 0.48548
published_at 2026-04-21T12:55:00Z
5
value 0.00252
scoring_system epss
scoring_elements 0.4859
published_at 2026-04-18T12:55:00Z
6
value 0.00252
scoring_system epss
scoring_elements 0.48594
published_at 2026-04-16T12:55:00Z
7
value 0.00252
scoring_system epss
scoring_elements 0.48512
published_at 2026-04-02T12:55:00Z
8
value 0.00252
scoring_system epss
scoring_elements 0.48487
published_at 2026-04-07T12:55:00Z
9
value 0.00252
scoring_system epss
scoring_elements 0.48476
published_at 2026-04-01T12:55:00Z
10
value 0.00252
scoring_system epss
scoring_elements 0.48537
published_at 2026-04-09T12:55:00Z
11
value 0.00252
scoring_system epss
scoring_elements 0.48542
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3724
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
6
reference_url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1335418
reference_id 1335418
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1335418
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_id cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
reference_id cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:3.2:*:*:*:enterprise:*:*:*
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3724
reference_id CVE-2016-3724
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:N/A:N
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
3
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3724
13
reference_url https://github.com/advisories/GHSA-7vvj-qqvj-h8mc
reference_id GHSA-7vvj-qqvj-h8mc
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7vvj-qqvj-h8mc
14
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.651.2
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.651.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.651.2
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.3
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.3
aliases CVE-2016-3724, GHSA-7vvj-qqvj-h8mc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kt3k-9uyt-13d1
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.651.2