Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-nwz6-6gd9-gyac
SummaryThe Subversion plugin before 1.54 for Jenkins stores credentials using base64 encoding, which allows local users to obtain passwords and SSH private keys by reading a subversion.credentials file.
Aliases
0
alias CVE-2013-6372
1
alias GHSA-c4fr-gx5w-8qf2
Fixed_packages
0
url pkg:maven/org.jenkins-ci.plugins/subversion@1.54
purl pkg:maven/org.jenkins-ci.plugins/subversion@1.54
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.plugins/subversion@1.54
Affected_packages
0
url pkg:rpm/redhat/jenkins@1.565.3-1?arch=el6op
purl pkg:rpm/redhat/jenkins@1.565.3-1?arch=el6op
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1r79-ts6t-hufh
1
vulnerability VCID-1zas-w8w2-4ydr
2
vulnerability VCID-28y2-gqhb-k7ak
3
vulnerability VCID-2vbv-gzfv-83ae
4
vulnerability VCID-4hfu-spf7-a3hw
5
vulnerability VCID-52sp-kv9t-gye3
6
vulnerability VCID-5ey2-dm5w-y7a6
7
vulnerability VCID-6avm-s2zj-5qex
8
vulnerability VCID-6qdw-fvzm-4kdx
9
vulnerability VCID-7p5d-b885-sycx
10
vulnerability VCID-bkyy-edpd-m3cy
11
vulnerability VCID-bn9w-mr5k-ufen
12
vulnerability VCID-c43n-xyfr-aqbe
13
vulnerability VCID-ds2c-vfv9-1yhf
14
vulnerability VCID-fnh5-jm4p-6yc8
15
vulnerability VCID-hvd6-bj7t-q7fj
16
vulnerability VCID-napq-s84t-dfct
17
vulnerability VCID-nwz6-6gd9-gyac
18
vulnerability VCID-r79s-gp2g-13b7
19
vulnerability VCID-u21t-wbdr-auez
20
vulnerability VCID-u321-xdwe-gfdp
21
vulnerability VCID-vznw-vuay-7bcg
22
vulnerability VCID-w6we-64uv-d3h7
23
vulnerability VCID-y95w-2r5s-gufd
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins@1.565.3-1%3Farch=el6op
1
url pkg:rpm/redhat/jenkins-plugin-openshift@0.6.40.1-0?arch=el6op
purl pkg:rpm/redhat/jenkins-plugin-openshift@0.6.40.1-0?arch=el6op
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1r79-ts6t-hufh
1
vulnerability VCID-1zas-w8w2-4ydr
2
vulnerability VCID-28y2-gqhb-k7ak
3
vulnerability VCID-2vbv-gzfv-83ae
4
vulnerability VCID-4hfu-spf7-a3hw
5
vulnerability VCID-52sp-kv9t-gye3
6
vulnerability VCID-5ey2-dm5w-y7a6
7
vulnerability VCID-6avm-s2zj-5qex
8
vulnerability VCID-6qdw-fvzm-4kdx
9
vulnerability VCID-7p5d-b885-sycx
10
vulnerability VCID-bkyy-edpd-m3cy
11
vulnerability VCID-bn9w-mr5k-ufen
12
vulnerability VCID-c43n-xyfr-aqbe
13
vulnerability VCID-ds2c-vfv9-1yhf
14
vulnerability VCID-fnh5-jm4p-6yc8
15
vulnerability VCID-hvd6-bj7t-q7fj
16
vulnerability VCID-napq-s84t-dfct
17
vulnerability VCID-nwz6-6gd9-gyac
18
vulnerability VCID-r79s-gp2g-13b7
19
vulnerability VCID-u21t-wbdr-auez
20
vulnerability VCID-u321-xdwe-gfdp
21
vulnerability VCID-vznw-vuay-7bcg
22
vulnerability VCID-w6we-64uv-d3h7
23
vulnerability VCID-y95w-2r5s-gufd
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins-plugin-openshift@0.6.40.1-0%3Farch=el6op
2
url pkg:rpm/redhat/openshift-origin-cartridge-jenkins@1.20.3.5-1?arch=el6op
purl pkg:rpm/redhat/openshift-origin-cartridge-jenkins@1.20.3.5-1?arch=el6op
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1zas-w8w2-4ydr
1
vulnerability VCID-28y2-gqhb-k7ak
2
vulnerability VCID-2vbv-gzfv-83ae
3
vulnerability VCID-4hfu-spf7-a3hw
4
vulnerability VCID-52sp-kv9t-gye3
5
vulnerability VCID-6avm-s2zj-5qex
6
vulnerability VCID-6qdw-fvzm-4kdx
7
vulnerability VCID-7p5d-b885-sycx
8
vulnerability VCID-bkyy-edpd-m3cy
9
vulnerability VCID-bn9w-mr5k-ufen
10
vulnerability VCID-c43n-xyfr-aqbe
11
vulnerability VCID-ds2c-vfv9-1yhf
12
vulnerability VCID-fnh5-jm4p-6yc8
13
vulnerability VCID-hvd6-bj7t-q7fj
14
vulnerability VCID-napq-s84t-dfct
15
vulnerability VCID-nwz6-6gd9-gyac
16
vulnerability VCID-r79s-gp2g-13b7
17
vulnerability VCID-u21t-wbdr-auez
18
vulnerability VCID-u321-xdwe-gfdp
19
vulnerability VCID-vznw-vuay-7bcg
20
vulnerability VCID-w6we-64uv-d3h7
21
vulnerability VCID-y95w-2r5s-gufd
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openshift-origin-cartridge-jenkins@1.20.3.5-1%3Farch=el6op
References
0
reference_url https://access.redhat.com/errata/RHBA-2014:1630
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHBA-2014:1630
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6372.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6372.json
2
reference_url https://access.redhat.com/security/cve/CVE-2013-6372
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2013-6372
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-6372
reference_id
reference_type
scores
0
value 0.00061
scoring_system epss
scoring_elements 0.19107
published_at 2026-04-13T12:55:00Z
1
value 0.00061
scoring_system epss
scoring_elements 0.19201
published_at 2026-04-09T12:55:00Z
2
value 0.00061
scoring_system epss
scoring_elements 0.19085
published_at 2026-04-21T12:55:00Z
3
value 0.00061
scoring_system epss
scoring_elements 0.19077
published_at 2026-04-18T12:55:00Z
4
value 0.00061
scoring_system epss
scoring_elements 0.19065
published_at 2026-04-16T12:55:00Z
5
value 0.00061
scoring_system epss
scoring_elements 0.19298
published_at 2026-04-02T12:55:00Z
6
value 0.00061
scoring_system epss
scoring_elements 0.19351
published_at 2026-04-04T12:55:00Z
7
value 0.00061
scoring_system epss
scoring_elements 0.19068
published_at 2026-04-07T12:55:00Z
8
value 0.00061
scoring_system epss
scoring_elements 0.19148
published_at 2026-04-08T12:55:00Z
9
value 0.00061
scoring_system epss
scoring_elements 0.19161
published_at 2026-04-12T12:55:00Z
10
value 0.00061
scoring_system epss
scoring_elements 0.19208
published_at 2026-04-11T12:55:00Z
11
value 0.00061
scoring_system epss
scoring_elements 0.19164
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-6372
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1032391
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1032391
5
reference_url https://github.com/jenkinsci/subversion-plugin
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/subversion-plugin
6
reference_url https://github.com/jenkinsci/subversion-plugin/commit/7d4562d6f7e40de04bbe29577b51c79f07d05ba6
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/subversion-plugin/commit/7d4562d6f7e40de04bbe29577b51c79f07d05ba6
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-6372
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-6372
8
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-11-20
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-11-20
9
reference_url https://github.com/advisories/GHSA-c4fr-gx5w-8qf2
reference_id GHSA-c4fr-gx5w-8qf2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c4fr-gx5w-8qf2
Weaknesses
0
cwe_id 326
name Inadequate Encryption Strength
description The product stores or transmits sensitive data using an encryption scheme that is theoretically sound, but is not strong enough for the level of protection required.
1
cwe_id 522
name Insufficiently Protected Credentials
description The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
3
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
Exploits
Severity_range_score4.0 - 6.9
Exploitability0.5
Weighted_severity6.2
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-nwz6-6gd9-gyac