{"url":"http://public2.vulnerablecode.io/api/packages/124746?format=json","purl":"pkg:rpm/redhat/jenkins@1.502-1?arch=el6op","type":"rpm","namespace":"redhat","name":"jenkins","version":"1.502-1","qualifiers":{"arch":"el6op"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6771?format=json","vulnerability_id":"VCID-35e6-cpn8-w7h1","summary":"Symlink path traversal in Rack::File\nAffected versions allows attackers to access arbitrary files outside the intended root directory via a crafted PATH_INFO environment variable, probably a directory traversal vulnerability that is remotely exploitable, aka \"symlink path traversals.\"","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html"},{"reference_url":"http://rack.github.com/","reference_id":"","reference_type":"","scores":[],"url":"http://rack.github.com/"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0262.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0262.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0262","reference_id":"","reference_type":"","scores":[{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.79407","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.79409","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.79377","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.79388","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.79403","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.7938","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.79371","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.79345","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.79359","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.79329","published_at":"2026-04-01T12:55:00Z"},{"value":"0.01256","scoring_system":"epss","scoring_elements":"0.79335","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.79525","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.79472","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.79503","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01263","scoring_system":"epss","scoring_elements":"0.7951","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0262"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=909071","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=909071"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=909072","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=909072"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0262","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0262"},{"reference_url":"http://secunia.com/advisories/52033","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/52033"},{"reference_url":"https://gist.github.com/rentzsch/4736940","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://gist.github.com/rentzsch/4736940"},{"reference_url":"https://github.com/rack/rack","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack"},{"reference_url":"https://github.com/rack/rack/blob/master/lib/rack/file.rb#L56","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack/blob/master/lib/rack/file.rb#L56"},{"reference_url":"https://github.com/rack/rack/commit/6f237e4c9fab649d3750482514f0fde76c56ab30","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack/commit/6f237e4c9fab649d3750482514f0fde76c56ab30"},{"reference_url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2013-0262.yml","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rubysec/ruby-advisory-db/blob/master/gems/rack/CVE-2013-0262.yml"},{"reference_url":"https://groups.google.com/forum/#%21msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#%21msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ"},{"reference_url":"https://groups.google.com/forum/#%21msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#%21msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ"},{"reference_url":"https://groups.google.com/forum/#!msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ"},{"reference_url":"https://groups.google.com/forum/#!msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0262","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0262"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700173","reference_id":"700173","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700173"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/advisories/GHSA-85r7-w5mv-c849","reference_id":"GHSA-85r7-w5mv-c849","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-85r7-w5mv-c849"},{"reference_url":"https://security.gentoo.org/glsa/201405-10","reference_id":"GLSA-201405-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-10"}],"fixed_packages":[],"aliases":["CVE-2013-0262","GHSA-85r7-w5mv-c849","OSV-89938"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-35e6-cpn8-w7h1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/14343?format=json","vulnerability_id":"VCID-59k5-93zx-17dn","summary":"Jenkins allows Remote Users to Build Arbitrary Jobs\nUnspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to build arbitrary jobs via unknown attack vectors.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0638.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0638.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0330.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0330.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0330","reference_id":"","reference_type":"","scores":[{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53298","published_at":"2026-04-26T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53288","published_at":"2026-04-24T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53316","published_at":"2026-04-21T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53337","published_at":"2026-04-18T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53331","published_at":"2026-04-16T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53293","published_at":"2026-04-13T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.5326","published_at":"2026-04-04T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53261","published_at":"2026-04-29T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53211","published_at":"2026-04-01T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53235","published_at":"2026-04-02T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.5331","published_at":"2026-04-12T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53326","published_at":"2026-04-11T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53275","published_at":"2026-04-09T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.5328","published_at":"2026-04-08T12:55:00Z"},{"value":"0.003","scoring_system":"epss","scoring_elements":"0.53228","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0330"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=914878","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=914878"},{"reference_url":"https://github.com/jenkinsci/jenkins","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jenkinsci/jenkins"},{"reference_url":"https://web.archive.org/web/20200229023853/http://www.securityfocus.com/bid/57994","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200229023853/http://www.securityfocus.com/bid/57994"},{"reference_url":"https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16"},{"reference_url":"http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb"},{"reference_url":"http://www.openwall.com/lists/oss-security/2013/02/21/7","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2013/02/21/7"},{"reference_url":"http://www.securityfocus.com/bid/57994","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/57994"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0330","reference_id":"CVE-2013-0330","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:N/I:P/A:N"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0330"},{"reference_url":"https://github.com/advisories/GHSA-25c5-58xw-hw5q","reference_id":"GHSA-25c5-58xw-hw5q","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-25c5-58xw-hw5q"}],"fixed_packages":[],"aliases":["CVE-2013-0330","GHSA-25c5-58xw-hw5q"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-59k5-93zx-17dn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/14340?format=json","vulnerability_id":"VCID-9wdu-x7wy-tkf4","summary":"Cross-Site Request Forgery (CSRF)\nCVE-2013-0328 jenkins: XSS","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0638.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0638.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0328.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0328.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0328","reference_id":"","reference_type":"","scores":[{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30342","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30735","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.3076","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.3074","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30706","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30542","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30425","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30742","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30868","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30914","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30733","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30792","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30824","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.30825","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00118","scoring_system":"epss","scoring_elements":"0.3078","published_at":"2026-04-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0328"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=914876","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=914876"},{"reference_url":"https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16"},{"reference_url":"http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb","reference_id":"","reference_type":"","scores":[],"url":"http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb"},{"reference_url":"http://www.openwall.com/lists/oss-security/2013/02/21/7","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2013/02/21/7"},{"reference_url":"http://www.securityfocus.com/bid/57994","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/57994"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2013-0328","reference_id":"CVE-2013-0328","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2013-0328"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0328","reference_id":"CVE-2013-0328","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0328"},{"reference_url":"https://github.com/advisories/GHSA-q5f8-fxrx-pw6f","reference_id":"GHSA-q5f8-fxrx-pw6f","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-q5f8-fxrx-pw6f"}],"fixed_packages":[],"aliases":["CVE-2013-0328","GHSA-q5f8-fxrx-pw6f"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9wdu-x7wy-tkf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/14354?format=json","vulnerability_id":"VCID-ka2b-nyb7-s3c7","summary":"Cross-Site Request Forgery (CSRF)\nUnspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to bypass the CSRF protection mechanism via unknown attack vectors.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0638.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0638.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0638","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2013:0638"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0329.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0329.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0329","reference_id":"","reference_type":"","scores":[{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42464","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42658","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42641","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42701","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42688","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42624","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42548","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42549","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42569","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.4264","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42668","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42608","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.4266","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42671","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00205","scoring_system":"epss","scoring_elements":"0.42694","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0329"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=914877","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=914877"},{"reference_url":"https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16"},{"reference_url":"http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb"},{"reference_url":"http://www.openwall.com/lists/oss-security/2013/02/21/7","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2013/02/21/7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2013-0329","reference_id":"CVE-2013-0329","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2013-0329"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0329","reference_id":"CVE-2013-0329","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0329"},{"reference_url":"https://github.com/advisories/GHSA-78cj-2m29-q5r9","reference_id":"GHSA-78cj-2m29-q5r9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-78cj-2m29-q5r9"}],"fixed_packages":[],"aliases":["CVE-2013-0329","GHSA-78cj-2m29-q5r9"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ka2b-nyb7-s3c7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/14367?format=json","vulnerability_id":"VCID-kwt4-b76w-tfas","summary":"Cross-Site Request Forgery (CSRF)\nCross-site request forgery (CSRF) vulnerability in Jenkins master in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to hijack the authentication of users via unknown vectors.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0638.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0638.html"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0638","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2013:0638"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0327.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0327.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0327","reference_id":"","reference_type":"","scores":[{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46981","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47053","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47027","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47034","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.4709","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47086","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47035","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47022","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46976","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47012","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47031","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46979","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47033","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.47029","published_at":"2026-04-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0327"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=914875","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=914875"},{"reference_url":"https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16"},{"reference_url":"http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb"},{"reference_url":"http://www.openwall.com/lists/oss-security/2013/02/21/7","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2013/02/21/7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2013-0327","reference_id":"CVE-2013-0327","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/security/cve/CVE-2013-0327"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0327","reference_id":"CVE-2013-0327","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0327"},{"reference_url":"https://github.com/advisories/GHSA-rqhg-cxfr-8xqw","reference_id":"GHSA-rqhg-cxfr-8xqw","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-rqhg-cxfr-8xqw"}],"fixed_packages":[],"aliases":["CVE-2013-0327","GHSA-rqhg-cxfr-8xqw"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kwt4-b76w-tfas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/14347?format=json","vulnerability_id":"VCID-ntb4-3udv-s7fv","summary":"Jenkins Vulnerable to Denial of Service (DoS) via Crafted Payload\nJenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to cause a denial of service via a crafted payload.","references":[{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0638.html","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0638.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0331.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0331.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0331","reference_id":"","reference_type":"","scores":[{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60374","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60359","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60383","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60394","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60386","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60297","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60362","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60221","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60323","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60344","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60363","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60377","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60356","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.6034","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00395","scoring_system":"epss","scoring_elements":"0.60291","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0331"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=914879","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=914879"},{"reference_url":"https://github.com/jenkinsci/jenkins","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jenkinsci/jenkins"},{"reference_url":"https://web.archive.org/web/20200229023853/http://www.securityfocus.com/bid/57994","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://web.archive.org/web/20200229023853/http://www.securityfocus.com/bid/57994"},{"reference_url":"https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16"},{"reference_url":"http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb"},{"reference_url":"http://www.openwall.com/lists/oss-security/2013/02/21/7","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2013/02/21/7"},{"reference_url":"http://www.securityfocus.com/bid/57994","reference_id":"","reference_type":"","scores":[],"url":"http://www.securityfocus.com/bid/57994"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*","reference_id":"cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0331","reference_id":"CVE-2013-0331","reference_type":"","scores":[{"value":"4.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:S/C:N/I:N/A:P"},{"value":"5.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0331"},{"reference_url":"https://github.com/advisories/GHSA-5c56-g5cq-4gj9","reference_id":"GHSA-5c56-g5cq-4gj9","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-5c56-g5cq-4gj9"}],"fixed_packages":[],"aliases":["CVE-2013-0331","GHSA-5c56-g5cq-4gj9"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ntb4-3udv-s7fv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6770?format=json","vulnerability_id":"VCID-y12d-fjpf-uubh","summary":"Timing attack against Rack::Session::Cookie\nAffected versions allows remote attackers to guess the session cookie, gain privileges, and execute arbitrary code via a timing attack involving am HMAC comparison function that does not run in constant time.","references":[{"reference_url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://lists.opensuse.org/opensuse-updates/2013-03/msg00048.html"},{"reference_url":"http://rack.github.com/","reference_id":"","reference_type":"","scores":[],"url":"http://rack.github.com/"},{"reference_url":"http://rhn.redhat.com/errata/RHSA-2013-0686.html","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://rhn.redhat.com/errata/RHSA-2013-0686.html"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0263.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0263.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0263","reference_id":"","reference_type":"","scores":[{"value":"0.08626","scoring_system":"epss","scoring_elements":"0.9245","published_at":"2026-04-16T12:55:00Z"},{"value":"0.08626","scoring_system":"epss","scoring_elements":"0.92439","published_at":"2026-04-13T12:55:00Z"},{"value":"0.08626","scoring_system":"epss","scoring_elements":"0.92441","published_at":"2026-04-12T12:55:00Z"},{"value":"0.08626","scoring_system":"epss","scoring_elements":"0.92438","published_at":"2026-04-11T12:55:00Z"},{"value":"0.08626","scoring_system":"epss","scoring_elements":"0.92432","published_at":"2026-04-09T12:55:00Z"},{"value":"0.08626","scoring_system":"epss","scoring_elements":"0.92428","published_at":"2026-04-08T12:55:00Z"},{"value":"0.08626","scoring_system":"epss","scoring_elements":"0.92416","published_at":"2026-04-07T12:55:00Z"},{"value":"0.08626","scoring_system":"epss","scoring_elements":"0.92413","published_at":"2026-04-04T12:55:00Z"},{"value":"0.08626","scoring_system":"epss","scoring_elements":"0.92398","published_at":"2026-04-01T12:55:00Z"},{"value":"0.08626","scoring_system":"epss","scoring_elements":"0.92405","published_at":"2026-04-02T12:55:00Z"},{"value":"0.08626","scoring_system":"epss","scoring_elements":"0.92449","published_at":"2026-04-18T12:55:00Z"},{"value":"0.16071","scoring_system":"epss","scoring_elements":"0.94805","published_at":"2026-04-29T12:55:00Z"},{"value":"0.16071","scoring_system":"epss","scoring_elements":"0.94801","published_at":"2026-04-21T12:55:00Z"},{"value":"0.16071","scoring_system":"epss","scoring_elements":"0.94802","published_at":"2026-04-24T12:55:00Z"},{"value":"0.16071","scoring_system":"epss","scoring_elements":"0.94804","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2013-0263"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=909071","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=909071"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0263","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0263"},{"reference_url":"http://secunia.com/advisories/52033","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/52033"},{"reference_url":"http://secunia.com/advisories/52134","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/52134"},{"reference_url":"http://secunia.com/advisories/52774","reference_id":"","reference_type":"","scores":[],"url":"http://secunia.com/advisories/52774"},{"reference_url":"https://gist.github.com/codahale/f9f3781f7b54985bee94","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://gist.github.com/codahale/f9f3781f7b54985bee94"},{"reference_url":"https://github.com/rack/rack","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack"},{"reference_url":"https://github.com/rack/rack/commit/0cd7e9aa397f8ebb3b8481d67dbac8b4863a7f07","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack/commit/0cd7e9aa397f8ebb3b8481d67dbac8b4863a7f07"},{"reference_url":"https://github.com/rack/rack/commit/9a81b961457805f6d1a5c275d053068440421e11","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/rack/rack/commit/9a81b961457805f6d1a5c275d053068440421e11"},{"reference_url":"https://groups.google.com/d/msg/rack-devel/xKrHVWeNvDM/4ZGA576CnK4J","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/d/msg/rack-devel/xKrHVWeNvDM/4ZGA576CnK4J"},{"reference_url":"https://groups.google.com/forum/#%21msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#%21msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ"},{"reference_url":"https://groups.google.com/forum/#%21msg/rack-devel/hz-liLb9fKE/8jvVWU6xYiYJ","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#%21msg/rack-devel/hz-liLb9fKE/8jvVWU6xYiYJ"},{"reference_url":"https://groups.google.com/forum/#%21msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#%21msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ"},{"reference_url":"https://groups.google.com/forum/#%21msg/rack-devel/RnQxm6i13C4/xfakH81yWvgJ","reference_id":"","reference_type":"","scores":[],"url":"https://groups.google.com/forum/#%21msg/rack-devel/RnQxm6i13C4/xfakH81yWvgJ"},{"reference_url":"https://groups.google.com/forum/#!msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!msg/rack-devel/bf937jPZxJM/1s6x95vIhmAJ"},{"reference_url":"https://groups.google.com/forum/#!msg/rack-devel/hz-liLb9fKE/8jvVWU6xYiYJ","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!msg/rack-devel/hz-liLb9fKE/8jvVWU6xYiYJ"},{"reference_url":"https://groups.google.com/forum/#!msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!msg/rack-devel/mZsuRonD7G8/DpZIOmMLbOgJ"},{"reference_url":"https://groups.google.com/forum/#!msg/rack-devel/RnQxm6i13C4/xfakH81yWvgJ","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://groups.google.com/forum/#!msg/rack-devel/RnQxm6i13C4/xfakH81yWvgJ"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0263","reference_id":"","reference_type":"","scores":[{"value":"5.1","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:H/Au:N/C:P/I:P/A:P"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-0263"},{"reference_url":"https://puppet.com/security/cve/cve-2013-0263","reference_id":"","reference_type":"","scores":[],"url":"https://puppet.com/security/cve/cve-2013-0263"},{"reference_url":"https://twitter.com/coda/statuses/299732877745197056","reference_id":"","reference_type":"","scores":[],"url":"https://twitter.com/coda/statuses/299732877745197056"},{"reference_url":"http://www.debian.org/security/2013/dsa-2783","reference_id":"","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.debian.org/security/2013/dsa-2783"},{"reference_url":"http://www.osvdb.org/89939","reference_id":"","reference_type":"","scores":[],"url":"http://www.osvdb.org/89939"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700226","reference_id":"700226","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700226"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.1.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.1.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.1.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.1.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.2.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.2.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.5:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.6:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.7:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.8:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.8:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.8:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.9:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.3.9:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.3.9:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.2:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.4:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.4.4:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.4.4:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.5.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.5.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.5.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.5.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:rack_project:rack:1.5.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:rack_project:rack:1.5.1:*:*:*:*:*:*:*"},{"reference_url":"https://github.com/advisories/GHSA-xc85-32mf-xpv8","reference_id":"GHSA-xc85-32mf-xpv8","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xc85-32mf-xpv8"},{"reference_url":"https://security.gentoo.org/glsa/201405-10","reference_id":"GLSA-201405-10","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201405-10"},{"reference_url":"https://access.redhat.com/errata/RHSA-2013:0686","reference_id":"RHSA-2013:0686","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2013:0686"}],"fixed_packages":[],"aliases":["CVE-2013-0263","GHSA-xc85-32mf-xpv8","OSV-89939"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y12d-fjpf-uubh"}],"fixing_vulnerabilities":[],"risk_score":"3.4","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins@1.502-1%3Farch=el6op"}