Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.jenkins-ci.main/jenkins-core@1.480.3
Typemaven
Namespaceorg.jenkins-ci.main
Namejenkins-core
Version1.480.3
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version1.482
Latest_non_vulnerable_version2.551
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-3t7n-a654-suhv
vulnerability_id VCID-3t7n-a654-suhv
summary 
Cross-Site Request Forgery (CSRF)
Cross-site request forgery (CSRF) vulnerability in Jenkins master in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to hijack the authentication of users via unknown vectors.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2013-0638.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2013-0638.html
1
reference_url https://access.redhat.com/errata/RHSA-2013:0638
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0638
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=914875
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=914875
3
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16
reference_id
reference_type
scores
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16
4
reference_url http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb
reference_id
reference_type
scores
url http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb
5
reference_url http://www.openwall.com/lists/oss-security/2013/02/21/7
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2013/02/21/7
6
reference_url https://access.redhat.com/security/cve/CVE-2013-0327
reference_id CVE-2013-0327
reference_type
scores
url https://access.redhat.com/security/cve/CVE-2013-0327
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-0327
reference_id CVE-2013-0327
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2013-0327
8
reference_url https://github.com/advisories/GHSA-rqhg-cxfr-8xqw
reference_id GHSA-rqhg-cxfr-8xqw
reference_type
scores
url https://github.com/advisories/GHSA-rqhg-cxfr-8xqw
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.480.3
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.480.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.480.3
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.502
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.502
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.502
aliases CVE-2013-0327, GHSA-rqhg-cxfr-8xqw
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3t7n-a654-suhv
1
url VCID-anqd-6ymu-pqhe
vulnerability_id VCID-anqd-6ymu-pqhe
summary 
Cross-Site Request Forgery (CSRF)
Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to bypass the CSRF protection mechanism via unknown attack vectors.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2013-0638.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2013-0638.html
1
reference_url https://access.redhat.com/errata/RHSA-2013:0638
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2013:0638
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=914877
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=914877
3
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16
reference_id
reference_type
scores
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16
4
reference_url http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb
reference_id
reference_type
scores
url http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb
5
reference_url http://www.openwall.com/lists/oss-security/2013/02/21/7
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2013/02/21/7
6
reference_url https://access.redhat.com/security/cve/CVE-2013-0329
reference_id CVE-2013-0329
reference_type
scores
url https://access.redhat.com/security/cve/CVE-2013-0329
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-0329
reference_id CVE-2013-0329
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2013-0329
8
reference_url https://github.com/advisories/GHSA-78cj-2m29-q5r9
reference_id GHSA-78cj-2m29-q5r9
reference_type
scores
url https://github.com/advisories/GHSA-78cj-2m29-q5r9
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.480.3
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.480.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.480.3
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.502
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.502
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.502
aliases CVE-2013-0329, GHSA-78cj-2m29-q5r9
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-anqd-6ymu-pqhe
2
url VCID-jwfm-58dk-v7da
vulnerability_id VCID-jwfm-58dk-v7da
summary 
Jenkins Vulnerable to Denial of Service (DoS) via Crafted Payload
Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to cause a denial of service via a crafted payload.
references
0
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=914879
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=914879
1
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
url https://github.com/jenkinsci/jenkins
2
reference_url https://web.archive.org/web/20200229023853/http://www.securityfocus.com/bid/57994
reference_id
reference_type
scores
url https://web.archive.org/web/20200229023853/http://www.securityfocus.com/bid/57994
3
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16
reference_id
reference_type
scores
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-0331
reference_id CVE-2013-0331
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2013-0331
5
reference_url https://github.com/advisories/GHSA-5c56-g5cq-4gj9
reference_id GHSA-5c56-g5cq-4gj9
reference_type
scores
url https://github.com/advisories/GHSA-5c56-g5cq-4gj9
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.480.3
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.480.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.480.3
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.502
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.502
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.502
aliases CVE-2013-0331, GHSA-5c56-g5cq-4gj9
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jwfm-58dk-v7da
3
url VCID-y564-2n7z-r3fv
vulnerability_id VCID-y564-2n7z-r3fv
summary 
Jenkins allows Remote Users to Build Arbitrary Jobs
Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to build arbitrary jobs via unknown attack vectors.
references
0
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=914878
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=914878
1
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
url https://github.com/jenkinsci/jenkins
2
reference_url https://web.archive.org/web/20200229023853/http://www.securityfocus.com/bid/57994
reference_id
reference_type
scores
url https://web.archive.org/web/20200229023853/http://www.securityfocus.com/bid/57994
3
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16
reference_id
reference_type
scores
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-0330
reference_id CVE-2013-0330
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2013-0330
5
reference_url https://github.com/advisories/GHSA-25c5-58xw-hw5q
reference_id GHSA-25c5-58xw-hw5q
reference_type
scores
url https://github.com/advisories/GHSA-25c5-58xw-hw5q
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.480.3
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.480.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.480.3
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.502
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.502
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.502
aliases CVE-2013-0330, GHSA-25c5-58xw-hw5q
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y564-2n7z-r3fv
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.480.3