Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/jenkins@2.235.5.1600414805-1?arch=el7
Typerpm
Namespaceredhat
Namejenkins
Version2.235.5.1600414805-1
Qualifiers
arch el7
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-cgen-qcyh-yqbu
vulnerability_id VCID-cgen-qcyh-yqbu
summary 
Jenkins Cross-site Scripting vulnerability in project naming strategy
Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the project naming strategy description, that is displayed on item creation.\n\nThis results in a stored cross-site scripting (XSS) vulnerability exploitable by users with Overall/Manage permission.\n\nJenkins 2.252, LTS 2.235.4 escapes the project naming strategy description.
references
0
reference_url http://packetstormsecurity.com/files/160443/Jenkins-2.235.3-Cross-Site-Scripting.html
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/160443/Jenkins-2.235.3-Cross-Site-Scripting.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-2230.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-2230.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2230
reference_id
reference_type
scores
0
value 0.0038
scoring_system epss
scoring_elements 0.59481
published_at 2026-04-29T12:55:00Z
1
value 0.0038
scoring_system epss
scoring_elements 0.59475
published_at 2026-04-24T12:55:00Z
2
value 0.0038
scoring_system epss
scoring_elements 0.59502
published_at 2026-04-21T12:55:00Z
3
value 0.0038
scoring_system epss
scoring_elements 0.59519
published_at 2026-04-18T12:55:00Z
4
value 0.0038
scoring_system epss
scoring_elements 0.59512
published_at 2026-04-16T12:55:00Z
5
value 0.0038
scoring_system epss
scoring_elements 0.59479
published_at 2026-04-13T12:55:00Z
6
value 0.0038
scoring_system epss
scoring_elements 0.59499
published_at 2026-04-12T12:55:00Z
7
value 0.0038
scoring_system epss
scoring_elements 0.59368
published_at 2026-04-01T12:55:00Z
8
value 0.0038
scoring_system epss
scoring_elements 0.59441
published_at 2026-04-02T12:55:00Z
9
value 0.0038
scoring_system epss
scoring_elements 0.59514
published_at 2026-04-11T12:55:00Z
10
value 0.0038
scoring_system epss
scoring_elements 0.59465
published_at 2026-04-04T12:55:00Z
11
value 0.0038
scoring_system epss
scoring_elements 0.59432
published_at 2026-04-07T12:55:00Z
12
value 0.0038
scoring_system epss
scoring_elements 0.59496
published_at 2026-04-26T12:55:00Z
13
value 0.0038
scoring_system epss
scoring_elements 0.59483
published_at 2026-04-08T12:55:00Z
14
value 0.0038
scoring_system epss
scoring_elements 0.59491
published_at 2026-05-07T12:55:00Z
15
value 0.0038
scoring_system epss
scoring_elements 0.59443
published_at 2026-05-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2230
3
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
4
reference_url https://github.com/jenkinsci/jenkins/commit/e49f690939596acbc9a1be64128b2c7eaf91a6db
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/e49f690939596acbc9a1be64128b2c7eaf91a6db
5
reference_url https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1957
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1957
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-2230
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-2230
7
reference_url http://www.openwall.com/lists/oss-security/2020/08/12/4
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2020/08/12/4
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1875232
reference_id 1875232
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1875232
9
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/webapps/49237.txt
reference_id CVE-2020-2230
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/webapps/49237.txt
10
reference_url https://github.com/advisories/GHSA-9g4m-ffx6-c29g
reference_id GHSA-9g4m-ffx6-c29g
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9g4m-ffx6-c29g
11
reference_url https://access.redhat.com/errata/RHSA-2020:3808
reference_id RHSA-2020:3808
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3808
12
reference_url https://access.redhat.com/errata/RHSA-2020:3841
reference_id RHSA-2020:3841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3841
13
reference_url https://access.redhat.com/errata/RHSA-2020:4220
reference_id RHSA-2020:4220
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4220
14
reference_url https://access.redhat.com/errata/RHSA-2020:4223
reference_id RHSA-2020:4223
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4223
fixed_packages
aliases CVE-2020-2230, GHSA-9g4m-ffx6-c29g
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cgen-qcyh-yqbu
1
url VCID-fy5p-8vcs-zkha
vulnerability_id VCID-fy5p-8vcs-zkha
summary 
Jenkins Cross-Site Scripting vulnerability in help icons
Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the tooltip content of help icons. Tooltip values can be contributed by plugins, some of which use user-specified values.
This results in a stored cross-site scripting (XSS) vulnerability.
Jenkins 2.252, LTS 2.235.4 escapes the tooltip content of help icons.
references
0
reference_url http://packetstormsecurity.com/files/160443/Jenkins-2.235.3-Cross-Site-Scripting.html
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/160443/Jenkins-2.235.3-Cross-Site-Scripting.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-2229.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-2229.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2229
reference_id
reference_type
scores
0
value 0.02572
scoring_system epss
scoring_elements 0.85604
published_at 2026-04-29T12:55:00Z
1
value 0.02572
scoring_system epss
scoring_elements 0.85603
published_at 2026-04-26T12:55:00Z
2
value 0.02572
scoring_system epss
scoring_elements 0.85593
published_at 2026-04-24T12:55:00Z
3
value 0.02572
scoring_system epss
scoring_elements 0.85571
published_at 2026-04-21T12:55:00Z
4
value 0.02572
scoring_system epss
scoring_elements 0.85575
published_at 2026-04-18T12:55:00Z
5
value 0.02572
scoring_system epss
scoring_elements 0.8557
published_at 2026-04-16T12:55:00Z
6
value 0.02572
scoring_system epss
scoring_elements 0.85547
published_at 2026-04-13T12:55:00Z
7
value 0.02572
scoring_system epss
scoring_elements 0.85476
published_at 2026-04-01T12:55:00Z
8
value 0.02572
scoring_system epss
scoring_elements 0.85488
published_at 2026-04-02T12:55:00Z
9
value 0.02572
scoring_system epss
scoring_elements 0.8555
published_at 2026-04-12T12:55:00Z
10
value 0.02572
scoring_system epss
scoring_elements 0.85504
published_at 2026-04-04T12:55:00Z
11
value 0.02572
scoring_system epss
scoring_elements 0.85509
published_at 2026-04-07T12:55:00Z
12
value 0.02572
scoring_system epss
scoring_elements 0.85529
published_at 2026-04-08T12:55:00Z
13
value 0.02572
scoring_system epss
scoring_elements 0.85552
published_at 2026-04-11T12:55:00Z
14
value 0.02572
scoring_system epss
scoring_elements 0.85538
published_at 2026-04-09T12:55:00Z
15
value 0.02572
scoring_system epss
scoring_elements 0.85644
published_at 2026-05-07T12:55:00Z
16
value 0.02572
scoring_system epss
scoring_elements 0.85621
published_at 2026-05-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2229
3
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
4
reference_url https://github.com/jenkinsci/jenkins/commit/fe4cbe03804d6240d0b58d0b2301ea9530a34916
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/fe4cbe03804d6240d0b58d0b2301ea9530a34916
5
reference_url https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1955
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1955
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-2229
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-2229
7
reference_url http://www.openwall.com/lists/oss-security/2020/08/12/4
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2020/08/12/4
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1874830
reference_id 1874830
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1874830
9
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/webapps/49232.txt
reference_id CVE-2020-2229
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/webapps/49232.txt
10
reference_url https://github.com/advisories/GHSA-hvmc-7g2x-r3p9
reference_id GHSA-hvmc-7g2x-r3p9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hvmc-7g2x-r3p9
11
reference_url https://access.redhat.com/errata/RHSA-2020:3808
reference_id RHSA-2020:3808
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3808
12
reference_url https://access.redhat.com/errata/RHSA-2020:3841
reference_id RHSA-2020:3841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3841
13
reference_url https://access.redhat.com/errata/RHSA-2020:4220
reference_id RHSA-2020:4220
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4220
14
reference_url https://access.redhat.com/errata/RHSA-2020:4223
reference_id RHSA-2020:4223
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4223
fixed_packages
aliases CVE-2020-2229, GHSA-hvmc-7g2x-r3p9
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fy5p-8vcs-zkha
2
url VCID-re1r-xjv4-sqd3
vulnerability_id VCID-re1r-xjv4-sqd3
summary 
Improper Neutralization of Input During Web Page Generation in Jenkins
Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the remote address of the host starting a build via 'Trigger builds remotely', resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users with Job/Configure permission or knowledge of the Authentication Token.
references
0
reference_url http://packetstormsecurity.com/files/160616/Jenkins-2.251-LTS-2.235.3-Cross-Site-Scripting.html
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/160616/Jenkins-2.251-LTS-2.235.3-Cross-Site-Scripting.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-2231.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-2231.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2231
reference_id
reference_type
scores
0
value 0.00472
scoring_system epss
scoring_elements 0.64752
published_at 2026-05-07T12:55:00Z
1
value 0.00472
scoring_system epss
scoring_elements 0.64689
published_at 2026-04-12T12:55:00Z
2
value 0.00472
scoring_system epss
scoring_elements 0.64661
published_at 2026-04-13T12:55:00Z
3
value 0.00472
scoring_system epss
scoring_elements 0.64697
published_at 2026-04-16T12:55:00Z
4
value 0.00472
scoring_system epss
scoring_elements 0.64709
published_at 2026-04-18T12:55:00Z
5
value 0.00472
scoring_system epss
scoring_elements 0.64696
published_at 2026-04-21T12:55:00Z
6
value 0.00472
scoring_system epss
scoring_elements 0.64716
published_at 2026-04-24T12:55:00Z
7
value 0.00472
scoring_system epss
scoring_elements 0.64728
published_at 2026-04-26T12:55:00Z
8
value 0.00472
scoring_system epss
scoring_elements 0.64726
published_at 2026-04-29T12:55:00Z
9
value 0.00472
scoring_system epss
scoring_elements 0.64705
published_at 2026-05-05T12:55:00Z
10
value 0.00472
scoring_system epss
scoring_elements 0.64581
published_at 2026-04-01T12:55:00Z
11
value 0.00472
scoring_system epss
scoring_elements 0.64634
published_at 2026-04-02T12:55:00Z
12
value 0.00472
scoring_system epss
scoring_elements 0.64663
published_at 2026-04-04T12:55:00Z
13
value 0.00472
scoring_system epss
scoring_elements 0.6462
published_at 2026-04-07T12:55:00Z
14
value 0.00472
scoring_system epss
scoring_elements 0.64669
published_at 2026-04-08T12:55:00Z
15
value 0.00472
scoring_system epss
scoring_elements 0.64684
published_at 2026-04-09T12:55:00Z
16
value 0.00472
scoring_system epss
scoring_elements 0.64701
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2231
3
reference_url https://github.com/jenkinsci/jenkins/commit/29c9a8fdeafe26fded955cfba188f50fd4f1786a
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/29c9a8fdeafe26fded955cfba188f50fd4f1786a
4
reference_url https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1960
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jenkins.io/security/advisory/2020-08-12/#SECURITY-1960
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-2231
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-2231
6
reference_url http://www.openwall.com/lists/oss-security/2020/08/12/4
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2020/08/12/4
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1875234
reference_id 1875234
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1875234
8
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/webapps/49244.txt
reference_id CVE-2020-2231
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/webapps/49244.txt
9
reference_url https://github.com/advisories/GHSA-jpvq-v729-7j2h
reference_id GHSA-jpvq-v729-7j2h
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jpvq-v729-7j2h
10
reference_url https://access.redhat.com/errata/RHSA-2020:3808
reference_id RHSA-2020:3808
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3808
11
reference_url https://access.redhat.com/errata/RHSA-2020:3841
reference_id RHSA-2020:3841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3841
12
reference_url https://access.redhat.com/errata/RHSA-2020:4220
reference_id RHSA-2020:4220
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4220
13
reference_url https://access.redhat.com/errata/RHSA-2020:4223
reference_id RHSA-2020:4223
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4223
fixed_packages
aliases CVE-2020-2231, GHSA-jpvq-v729-7j2h
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-re1r-xjv4-sqd3
3
url VCID-sw3q-jzqx-dkbn
vulnerability_id VCID-sw3q-jzqx-dkbn
summary 
Operation on a Resource after Expiration or Release in Jetty Server
In Eclipse Jetty, versions 9.4.27.v20200227 to 9.4.29.v20200521, in case of too large response headers, Jetty throws an exception to produce an HTTP 431 error. When this happens, the ByteBuffer containing the HTTP response headers is released back to the ByteBufferPool twice. Because of this double release, two threads can acquire the same ByteBuffer from the pool and while thread1 is about to use the ByteBuffer to write response1 data, thread2 fills the ByteBuffer with response2 data. Thread1 then proceeds to write the buffer that now contains response2 data. This results in client1, which issued request1 and expects responses, to see response2 which could contain sensitive data belonging to client2 (HTTP session ids, authentication credentials, etc.).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17638.json
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-17638.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-17638
reference_id
reference_type
scores
0
value 0.30928
scoring_system epss
scoring_elements 0.96765
published_at 2026-05-07T12:55:00Z
1
value 0.30928
scoring_system epss
scoring_elements 0.96762
published_at 2026-05-05T12:55:00Z
2
value 0.30928
scoring_system epss
scoring_elements 0.96753
published_at 2026-04-29T12:55:00Z
3
value 0.30928
scoring_system epss
scoring_elements 0.9675
published_at 2026-04-26T12:55:00Z
4
value 0.30928
scoring_system epss
scoring_elements 0.96705
published_at 2026-04-01T12:55:00Z
5
value 0.30928
scoring_system epss
scoring_elements 0.96715
published_at 2026-04-02T12:55:00Z
6
value 0.30928
scoring_system epss
scoring_elements 0.96717
published_at 2026-04-04T12:55:00Z
7
value 0.30928
scoring_system epss
scoring_elements 0.96748
published_at 2026-04-24T12:55:00Z
8
value 0.30928
scoring_system epss
scoring_elements 0.96749
published_at 2026-04-21T12:55:00Z
9
value 0.30928
scoring_system epss
scoring_elements 0.96746
published_at 2026-04-18T12:55:00Z
10
value 0.30928
scoring_system epss
scoring_elements 0.96742
published_at 2026-04-16T12:55:00Z
11
value 0.30928
scoring_system epss
scoring_elements 0.96736
published_at 2026-04-13T12:55:00Z
12
value 0.30928
scoring_system epss
scoring_elements 0.96733
published_at 2026-04-12T12:55:00Z
13
value 0.30928
scoring_system epss
scoring_elements 0.9673
published_at 2026-04-09T12:55:00Z
14
value 0.30928
scoring_system epss
scoring_elements 0.96721
published_at 2026-04-07T12:55:00Z
15
value 0.30928
scoring_system epss
scoring_elements 0.96729
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-17638
2
reference_url https://bugs.eclipse.org/bugs/show_bug.cgi?id=564984
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://bugs.eclipse.org/bugs/show_bug.cgi?id=564984
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17638
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17638
4
reference_url https://github.com/eclipse/jetty.project/commit/ff8ae56fa939c3477a0cdd1ff56ce3d902f08fba
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/eclipse/jetty.project/commit/ff8ae56fa939c3477a0cdd1ff56ce3d902f08fba
5
reference_url https://github.com/eclipse/jetty.project/issues/4936
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/eclipse/jetty.project/issues/4936
6
reference_url https://lists.apache.org/thread.html/r29073905dc9139d0d7a146595694bf57bb9e35e5ec6aa73eb9c8443a@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r29073905dc9139d0d7a146595694bf57bb9e35e5ec6aa73eb9c8443a@%3Ccommits.pulsar.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/r378e4cdec15e132575aa1dcb6296ffeff2a896745a8991522e266ad4@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r378e4cdec15e132575aa1dcb6296ffeff2a896745a8991522e266ad4@%3Ccommits.pulsar.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/r4bdd3f7bb6820a79f9416b6667d718a06d269018619a75ce4b759318@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r4bdd3f7bb6820a79f9416b6667d718a06d269018619a75ce4b759318@%3Ccommits.pulsar.apache.org%3E
9
reference_url https://lists.apache.org/thread.html/r521168299e023fb075b57afe33d17ff1d09e8a10e0fd8c775ea0e028@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r521168299e023fb075b57afe33d17ff1d09e8a10e0fd8c775ea0e028@%3Ccommits.pulsar.apache.org%3E
10
reference_url https://lists.apache.org/thread.html/r7fc5f2ed49641ea91c433e3cd0fc3d31c0278c87b82b15c33b881415@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r7fc5f2ed49641ea91c433e3cd0fc3d31c0278c87b82b15c33b881415@%3Ccommits.pulsar.apache.org%3E
11
reference_url https://lists.apache.org/thread.html/r81f58591fb4716fb867b36956f30c7c8ad4ab3f23abc952d9d86a2a0@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r81f58591fb4716fb867b36956f30c7c8ad4ab3f23abc952d9d86a2a0@%3Ccommits.pulsar.apache.org%3E
12
reference_url https://lists.apache.org/thread.html/r9584c4304c888f651d214341a939bd264ed30c9e3d0d30fe85097ecf@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9584c4304c888f651d214341a939bd264ed30c9e3d0d30fe85097ecf@%3Ccommits.pulsar.apache.org%3E
13
reference_url https://lists.apache.org/thread.html/r9a2cfa56d30782a0c17a5deb951a622d1f5c8de48e1c3b578ffc2a84@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r9a2cfa56d30782a0c17a5deb951a622d1f5c8de48e1c3b578ffc2a84@%3Ccommits.pulsar.apache.org%3E
14
reference_url https://lists.apache.org/thread.html/ra8661fc8c69c647cb06153c1485d48484a833d873f75dfe45937e9de@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/ra8661fc8c69c647cb06153c1485d48484a833d873f75dfe45937e9de@%3Ccommits.pulsar.apache.org%3E
15
reference_url https://lists.apache.org/thread.html/rbe1f230e87ea947593145d0072d0097ddb0af10fee1161db8ca1546c@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rbe1f230e87ea947593145d0072d0097ddb0af10fee1161db8ca1546c@%3Ccommits.pulsar.apache.org%3E
16
reference_url https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd0e44e8ef71eeaaa3cf3d1b8b41eb25894372e2995ec908ce7624d26@%3Ccommits.pulsar.apache.org%3E
17
reference_url https://lists.apache.org/thread.html/rd98cfd012490cb02caa1a11aaa0cc38bff2d43bcce9b20c2f01063dd@%3Ccommits.pulsar.apache.org%3E
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd98cfd012490cb02caa1a11aaa0cc38bff2d43bcce9b20c2f01063dd@%3Ccommits.pulsar.apache.org%3E
18
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XE6US6VPZHOWFMUSFGDS5V2DNQPY5MKB
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XE6US6VPZHOWFMUSFGDS5V2DNQPY5MKB
19
reference_url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XE6US6VPZHOWFMUSFGDS5V2DNQPY5MKB/
reference_id
reference_type
scores
url https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XE6US6VPZHOWFMUSFGDS5V2DNQPY5MKB/
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-17638
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-17638
21
reference_url https://snyk.io/vuln/SNYK-JAVA-ORGECLIPSEJETTY-575561
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JAVA-ORGECLIPSEJETTY-575561
22
reference_url https://www.oracle.com/security-alerts/cpuApr2021.html
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuApr2021.html
23
reference_url https://www.oracle.com/security-alerts/cpuoct2020.html
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.oracle.com/security-alerts/cpuoct2020.html
24
reference_url http://www.openwall.com/lists/oss-security/2020/08/17/1
reference_id
reference_type
scores
0
value 9.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2020/08/17/1
25
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1864680
reference_id 1864680
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1864680
26
reference_url https://github.com/advisories/GHSA-x3rh-m7vp-35f2
reference_id GHSA-x3rh-m7vp-35f2
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x3rh-m7vp-35f2
27
reference_url https://access.redhat.com/errata/RHSA-2020:3808
reference_id RHSA-2020:3808
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3808
28
reference_url https://access.redhat.com/errata/RHSA-2020:3841
reference_id RHSA-2020:3841
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3841
29
reference_url https://access.redhat.com/errata/RHSA-2020:4220
reference_id RHSA-2020:4220
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4220
30
reference_url https://access.redhat.com/errata/RHSA-2020:4223
reference_id RHSA-2020:4223
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4223
31
reference_url https://access.redhat.com/errata/RHSA-2020:5568
reference_id RHSA-2020:5568
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:5568
fixed_packages
aliases CVE-2019-17638, GHSA-x3rh-m7vp-35f2
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sw3q-jzqx-dkbn
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins@2.235.5.1600414805-1%3Farch=el7