Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.596.1
Type maven
Namespace org.jenkins-ci.main
Name jenkins-core
Version 1.596.1
Qualifiers
Subpath
Is_vulnerable false
Next_non_vulnerable_version 1.600
Latest_non_vulnerable_version 2.551
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-ss6w-thk4-7fd3
vulnerability_id VCID-ss6w-thk4-7fd3
summary
Jenkins does not Restrict Reserved Names Allowing for Privilege Escalation
The HudsonPrivateSecurityRealm class in Jenkins before 1.600 and LTS before 1.596.1 does not restrict access to reserved names when using the "Jenkins' own user database" setting, which allows remote attackers to gain privileges by creating a reserved name.
references
0
reference_url https://access.redhat.com/errata/RHSA-2016:0070
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0070
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1205627
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1205627
2
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
url https://github.com/jenkinsci/jenkins
3
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
reference_id
reference_type
scores
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-1810
reference_id CVE-2015-1810
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2015-1810
5
reference_url https://github.com/advisories/GHSA-37wm-28rm-56vw
reference_id GHSA-37wm-28rm-56vw
reference_type
scores
url https://github.com/advisories/GHSA-37wm-28rm-56vw
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.596.1
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.596.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.596.1
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.600
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.600
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.600
aliases CVE-2015-1810, GHSA-37wm-28rm-56vw
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ss6w-thk4-7fd3
Risk_score null
Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.596.1