Look up vulnerable packages by Package URL.

Purl pkg:rpm/redhat/jenkins@1.651.2-1?arch=el6op
Type rpm
Namespace redhat
Name jenkins
Version 1.651.2-1
Qualifiers
arch el6op
Subpath
Is_vulnerable true
Next_non_vulnerable_version null
Latest_non_vulnerable_version null
Affected_by_vulnerabilities
0
url VCID-16kg-751c-d3f8
vulnerability_id VCID-16kg-751c-d3f8
summary
Jenkins allows Deserialization of Untrusted Data via an XML File
Multiple unspecified API endpoints in Jenkins before 1.650 and LTS before 1.642.2 allow remote authenticated users to execute arbitrary code via serialized data in an XML file, related to XStream and groovy.util.Expando.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:0711
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0711
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0792.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0792.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0792
reference_id
reference_type
scores
0
value 0.90556
scoring_system epss
scoring_elements 0.9963
published_at 2026-06-06T12:55:00Z
1
value 0.90556
scoring_system epss
scoring_elements 0.99629
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0792
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://github.com/jenkinsci/jenkins/commit/7f202f0317e60cd3160f61467b8558f864f83f41
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/7f202f0317e60cd3160f61467b8558f864f83f41
6
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
7
reference_url https://www.contrastsecurity.com/security-influencers/serialization-must-die-act-2-xstream
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.contrastsecurity.com/security-influencers/serialization-must-die-act-2-xstream
8
reference_url https://www.exploit-db.com/exploits/42394
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/42394
9
reference_url https://www.exploit-db.com/exploits/43375
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.exploit-db.com/exploits/43375
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1311950
reference_id 1311950
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1311950
11
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/remote/42394.py
reference_id CVE-2016-0792
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/java/remote/42394.py
12
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/43375.rb
reference_id CVE-2016-0792
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/43375.rb
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-0792
reference_id CVE-2016-0792
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-0792
14
reference_url https://raw.githubusercontent.com/rapid7/metasploit-framework/76823e9fe6e38e88c2a25bc5a13c6b2bec6aeeb2/modules/exploits/multi/http/jenkins_xstream_deserialize.rb
reference_id CVE-2016-0792
reference_type exploit
scores
url https://raw.githubusercontent.com/rapid7/metasploit-framework/76823e9fe6e38e88c2a25bc5a13c6b2bec6aeeb2/modules/exploits/multi/http/jenkins_xstream_deserialize.rb
15
reference_url https://github.com/advisories/GHSA-45rg-g72w-r393
reference_id GHSA-45rg-g72w-r393
reference_type
scores
url https://github.com/advisories/GHSA-45rg-g72w-r393
16
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
fixed_packages
aliases CVE-2016-0792, GHSA-45rg-g72w-r393
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-16kg-751c-d3f8
1
url VCID-1c44-q42b-3bac
vulnerability_id VCID-1c44-q42b-3bac
summary
Information Exposure
Jenkins does not use a constant-time algorithm to verify API tokens, which makes it easier for remote attackers to determine API tokens via a brute-force approach.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:0711
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0711
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0790.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0790.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0790
reference_id
reference_type
scores
0
value 0.00212
scoring_system epss
scoring_elements 0.43839
published_at 2026-06-06T12:55:00Z
1
value 0.00212
scoring_system epss
scoring_elements 0.4376
published_at 2026-06-04T12:55:00Z
2
value 0.00212
scoring_system epss
scoring_elements 0.4383
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0790
4
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1311948
reference_id 1311948
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1311948
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-0790
reference_id CVE-2016-0790
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-0790
7
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
fixed_packages
aliases CVE-2016-0790, GHSA-jgpr-qrw2-6gp3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1c44-q42b-3bac
2
url VCID-2n89-52cd-fkde
vulnerability_id VCID-2n89-52cd-fkde
summary
Jenkins allows Remote Users to Inject Build Parameters
Jenkins before 2.3 and LTS before 1.651.2 might allow remote authenticated users to inject arbitrary build parameters into the build environment via environment variables.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-02T17:22:46Z/
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:1206
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-02T17:22:46Z/
url https://access.redhat.com/errata/RHSA-2016:1206
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3721.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3721.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3721
reference_id
reference_type
scores
0
value 0.00379
scoring_system epss
scoring_elements 0.59716
published_at 2026-06-04T12:55:00Z
1
value 0.00379
scoring_system epss
scoring_elements 0.59769
published_at 2026-06-06T12:55:00Z
2
value 0.00379
scoring_system epss
scoring_elements 0.59766
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3721
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://wiki.jenkins-ci.org/display/JENKINS/Plugins+affected+by+fix+for+SECURITY-170
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-02T17:22:46Z/
url https://wiki.jenkins-ci.org/display/JENKINS/Plugins+affected+by+fix+for+SECURITY-170
6
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-02T17:22:46Z/
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
7
reference_url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-02T17:22:46Z/
url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
8
reference_url http://www.openwall.com/lists/oss-security/2024/05/02/3
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-02T17:22:46Z/
url http://www.openwall.com/lists/oss-security/2024/05/02/3
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1335415
reference_id 1335415
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1335415
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3721
reference_id CVE-2016-3721
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3721
11
reference_url https://github.com/advisories/GHSA-qf2h-h3xq-j93j
reference_id GHSA-qf2h-h3xq-j93j
reference_type
scores
url https://github.com/advisories/GHSA-qf2h-h3xq-j93j
12
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
fixed_packages
aliases CVE-2016-3721, GHSA-qf2h-h3xq-j93j
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2n89-52cd-fkde
3
url VCID-2nfj-df6q-xqfy
vulnerability_id VCID-2nfj-df6q-xqfy
summary
Permissions, Privileges, and Access Controls
Jenkins allows remote authenticated users to trigger updating of update site metadata by leveraging a missing permission check.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:1206
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1206
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3725.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3725.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3725
reference_id
reference_type
scores
0
value 0.00162
scoring_system epss
scoring_elements 0.36944
published_at 2026-06-05T12:55:00Z
1
value 0.00162
scoring_system epss
scoring_elements 0.3695
published_at 2026-06-06T12:55:00Z
2
value 0.00162
scoring_system epss
scoring_elements 0.36852
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3725
4
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
5
reference_url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1335420
reference_id 1335420
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1335420
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3725
reference_id CVE-2016-3725
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3725
8
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
fixed_packages
aliases CVE-2016-3725, GHSA-59fm-6x3q-q3q5
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2nfj-df6q-xqfy
4
url VCID-3frm-5qfv-13bg
vulnerability_id VCID-3frm-5qfv-13bg
summary
Jenkins Exposes Sensitive Information from Job Configuration
Jenkins before 2.3 and LTS before 1.651.2 allow remote authenticated users with extended read access to obtain sensitive password information by reading a job configuration.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:1206
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1206
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3724.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3724.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3724
reference_id
reference_type
scores
0
value 0.00252
scoring_system epss
scoring_elements 0.48784
published_at 2026-06-05T12:55:00Z
1
value 0.00252
scoring_system epss
scoring_elements 0.48792
published_at 2026-06-06T12:55:00Z
2
value 0.00252
scoring_system epss
scoring_elements 0.48723
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3724
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
6
reference_url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1335418
reference_id 1335418
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1335418
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3724
reference_id CVE-2016-3724
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3724
9
reference_url https://github.com/advisories/GHSA-7vvj-qqvj-h8mc
reference_id GHSA-7vvj-qqvj-h8mc
reference_type
scores
url https://github.com/advisories/GHSA-7vvj-qqvj-h8mc
10
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
fixed_packages
aliases CVE-2016-3724, GHSA-7vvj-qqvj-h8mc
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3frm-5qfv-13bg
5
url VCID-b15t-qmn2-yydx
vulnerability_id VCID-b15t-qmn2-yydx
summary
Jenkins Exposes Sensitive Information via API URL
The API URL computer/(master)/api/xml in Jenkins before 2.3 and LTS before 1.651.2 allows remote authenticated users with extended read permission for the master node to obtain sensitive information about the global configuration via unspecified vectors.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:1206
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1206
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3727.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3727.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3727
reference_id
reference_type
scores
0
value 0.0009
scoring_system epss
scoring_elements 0.25419
published_at 2026-06-04T12:55:00Z
1
value 0.0009
scoring_system epss
scoring_elements 0.25502
published_at 2026-06-06T12:55:00Z
2
value 0.0009
scoring_system epss
scoring_elements 0.25515
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3727
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://github.com/jenkinsci/jenkins/commit/d66ad6f3ee46a5c6bb865bb831e8cdfc74cd7eb3
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/d66ad6f3ee46a5c6bb865bb831e8cdfc74cd7eb3
6
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
7
reference_url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1335422
reference_id 1335422
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1335422
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3727
reference_id CVE-2016-3727
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3727
10
reference_url https://github.com/advisories/GHSA-6cr3-cm5h-8q96
reference_id GHSA-6cr3-cm5h-8q96
reference_type
scores
url https://github.com/advisories/GHSA-6cr3-cm5h-8q96
11
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
fixed_packages
aliases CVE-2016-3727, GHSA-6cr3-cm5h-8q96
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b15t-qmn2-yydx
6
url VCID-buab-caa1-jkhj
vulnerability_id VCID-buab-caa1-jkhj
summary
Jenkins affected by Open Redirect Vulnerability
Multiple open redirect vulnerabilities in Jenkins before 2.3 and LTS before 1.651.2 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors related to "scheme-relative" URLs.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:1206
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1206
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3726.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3726.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3726
reference_id
reference_type
scores
0
value 0.00081
scoring_system epss
scoring_elements 0.23848
published_at 2026-06-05T12:55:00Z
1
value 0.00081
scoring_system epss
scoring_elements 0.23754
published_at 2026-06-04T12:55:00Z
2
value 0.00081
scoring_system epss
scoring_elements 0.23833
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3726
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://github.com/jenkinsci/jenkins/commit/2ed0c046dfbb2003a17df27c53777e72c6eaff25
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/2ed0c046dfbb2003a17df27c53777e72c6eaff25
6
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
7
reference_url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1335421
reference_id 1335421
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1335421
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3726
reference_id CVE-2016-3726
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3726
10
reference_url https://github.com/advisories/GHSA-rx4r-gxpc-h85x
reference_id GHSA-rx4r-gxpc-h85x
reference_type
scores
url https://github.com/advisories/GHSA-rx4r-gxpc-h85x
11
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
fixed_packages
aliases CVE-2016-3726, GHSA-rx4r-gxpc-h85x
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-buab-caa1-jkhj
7
url VCID-d35k-bj2z-ayg9
vulnerability_id VCID-d35k-bj2z-ayg9
summary
InvokerTransformer code execution during deserialization
This package allows code execution when deserializing objects involving a specially constructed chain of classes. A remote attacker could use this flaw to execute arbitrary code with the permissions of the application using the commons-collections library.
references
0
reference_url http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/
reference_id
reference_type
scores
url http://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/
1
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7501.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-7501.json
3
reference_url https://access.redhat.com/security/vulnerabilities/2059393
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/vulnerabilities/2059393
4
reference_url https://access.redhat.com/solutions/2045023
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/solutions/2045023
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-7501
reference_id
reference_type
scores
0
value 0.71461
scoring_system epss
scoring_elements 0.98743
published_at 2026-06-06T12:55:00Z
1
value 0.71461
scoring_system epss
scoring_elements 0.98744
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-7501
6
reference_url https://arxiv.org/pdf/2306.05534.pdf
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://arxiv.org/pdf/2306.05534.pdf
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1279330
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1279330
8
reference_url https://commons.apache.org/proper/commons-collections/release_4_1.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://commons.apache.org/proper/commons-collections/release_4_1.html
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7501
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7501
10
reference_url https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability
11
reference_url https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/
reference_id
reference_type
scores
url https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/
12
reference_url https://github.com/apache/commons-collections
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/commons-collections
13
reference_url https://issues.apache.org/jira/browse/COLLECTIONS-580.
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://issues.apache.org/jira/browse/COLLECTIONS-580.
14
reference_url https://sourceforge.net/p/collections/code/HEAD/tree
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://sourceforge.net/p/collections/code/HEAD/tree
15
reference_url https://sourceforge.net/p/collections/code/HEAD/tree/
reference_id
reference_type
scores
url https://sourceforge.net/p/collections/code/HEAD/tree/
16
reference_url https://github.com/jensdietrich/xshady-release/tree/main/CVE-2015-7501
reference_id CVE-2015-7501
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/jensdietrich/xshady-release/tree/main/CVE-2015-7501
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-7501
reference_id CVE-2015-7501
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-7501
18
reference_url https://github.com/advisories/GHSA-fjq5-5j5f-mvxh
reference_id GHSA-fjq5-5j5f-mvxh
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fjq5-5j5f-mvxh
19
reference_url https://access.redhat.com/errata/RHSA-2015:2500
reference_id RHSA-2015:2500
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2500
20
reference_url https://access.redhat.com/errata/RHSA-2015:2501
reference_id RHSA-2015:2501
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2501
21
reference_url https://access.redhat.com/errata/RHSA-2015:2502
reference_id RHSA-2015:2502
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2502
22
reference_url https://access.redhat.com/errata/RHSA-2015:2514
reference_id RHSA-2015:2514
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2514
23
reference_url https://access.redhat.com/errata/RHSA-2015:2516
reference_id RHSA-2015:2516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2516
24
reference_url https://access.redhat.com/errata/RHSA-2015:2517
reference_id RHSA-2015:2517
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2517
25
reference_url https://access.redhat.com/errata/RHSA-2015:2521
reference_id RHSA-2015:2521
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2521
26
reference_url https://access.redhat.com/errata/RHSA-2015:2522
reference_id RHSA-2015:2522
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2522
27
reference_url https://access.redhat.com/errata/RHSA-2015:2523
reference_id RHSA-2015:2523
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2523
28
reference_url https://access.redhat.com/errata/RHSA-2015:2524
reference_id RHSA-2015:2524
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2524
29
reference_url https://access.redhat.com/errata/RHSA-2015:2534
reference_id RHSA-2015:2534
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2534
30
reference_url https://access.redhat.com/errata/RHSA-2015:2535
reference_id RHSA-2015:2535
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2535
31
reference_url https://access.redhat.com/errata/RHSA-2015:2536
reference_id RHSA-2015:2536
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2536
32
reference_url https://access.redhat.com/errata/RHSA-2015:2537
reference_id RHSA-2015:2537
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2537
33
reference_url https://access.redhat.com/errata/RHSA-2015:2538
reference_id RHSA-2015:2538
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2538
34
reference_url https://access.redhat.com/errata/RHSA-2015:2539
reference_id RHSA-2015:2539
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2539
35
reference_url https://access.redhat.com/errata/RHSA-2015:2540
reference_id RHSA-2015:2540
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2540
36
reference_url https://access.redhat.com/errata/RHSA-2015:2541
reference_id RHSA-2015:2541
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2541
37
reference_url https://access.redhat.com/errata/RHSA-2015:2542
reference_id RHSA-2015:2542
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2542
38
reference_url https://access.redhat.com/errata/RHSA-2015:2547
reference_id RHSA-2015:2547
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2547
39
reference_url https://access.redhat.com/errata/RHSA-2015:2548
reference_id RHSA-2015:2548
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2548
40
reference_url https://access.redhat.com/errata/RHSA-2015:2556
reference_id RHSA-2015:2556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2556
41
reference_url https://access.redhat.com/errata/RHSA-2015:2557
reference_id RHSA-2015:2557
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2557
42
reference_url https://access.redhat.com/errata/RHSA-2015:2559
reference_id RHSA-2015:2559
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2559
43
reference_url https://access.redhat.com/errata/RHSA-2015:2560
reference_id RHSA-2015:2560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2560
44
reference_url https://access.redhat.com/errata/RHSA-2015:2578
reference_id RHSA-2015:2578
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2578
45
reference_url https://access.redhat.com/errata/RHSA-2015:2579
reference_id RHSA-2015:2579
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2579
46
reference_url https://access.redhat.com/errata/RHSA-2015:2670
reference_id RHSA-2015:2670
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2670
47
reference_url https://access.redhat.com/errata/RHSA-2015:2671
reference_id RHSA-2015:2671
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:2671
48
reference_url https://access.redhat.com/errata/RHSA-2016:0040
reference_id RHSA-2016:0040
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0040
49
reference_url https://access.redhat.com/errata/RHSA-2016:0118
reference_id RHSA-2016:0118
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0118
50
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
51
reference_url https://access.redhat.com/errata/RHSA-2020:4274
reference_id RHSA-2020:4274
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4274
fixed_packages
aliases CVE-2015-7501, GHSA-fjq5-5j5f-mvxh
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d35k-bj2z-ayg9
8
url VCID-dzac-wwsz-dyhf
vulnerability_id VCID-dzac-wwsz-dyhf
summary
Information Exposure
Jenkins does not use a constant-time algorithm to verify CSRF tokens, which makes it easier for remote attackers to bypass a CSRF protection mechanism via a brute-force approach.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:0711
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0711
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0791.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0791.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0791
reference_id
reference_type
scores
0
value 0.00469
scoring_system epss
scoring_elements 0.6492
published_at 2026-06-05T12:55:00Z
1
value 0.00469
scoring_system epss
scoring_elements 0.64878
published_at 2026-06-04T12:55:00Z
2
value 0.00469
scoring_system epss
scoring_elements 0.64931
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0791
4
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1311949
reference_id 1311949
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1311949
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-0791
reference_id CVE-2016-0791
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-0791
7
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
fixed_packages
aliases CVE-2016-0791, GHSA-jmw7-ph6p-33cc
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dzac-wwsz-dyhf
9
url VCID-g3c7-mnmj-nqbr
vulnerability_id VCID-g3c7-mnmj-nqbr
summary
Information Exposure
Jenkins allows remote authenticated users with read access to obtain sensitive plugin installation information by leveraging missing permissions checks in unspecified XML/JSON API endpoints.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:1206
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1206
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3723.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3723.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3723
reference_id
reference_type
scores
0
value 0.00069
scoring_system epss
scoring_elements 0.21475
published_at 2026-06-05T12:55:00Z
1
value 0.00069
scoring_system epss
scoring_elements 0.21461
published_at 2026-06-06T12:55:00Z
2
value 0.00069
scoring_system epss
scoring_elements 0.21395
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3723
4
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
5
reference_url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1335417
reference_id 1335417
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1335417
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3723
reference_id CVE-2016-3723
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3723
8
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
fixed_packages
aliases CVE-2016-3723, GHSA-8572-5jrg-mx52
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g3c7-mnmj-nqbr
10
url VCID-kdny-k8tt-r3fg
vulnerability_id VCID-kdny-k8tt-r3fg
summary
Jenkins allows Execution of Code by Opening a JRMP Listener
The remoting module in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to execute arbitrary code by opening a JRMP listener.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:0711
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0711
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0788.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0788.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0788
reference_id
reference_type
scores
0
value 0.3743
scoring_system epss
scoring_elements 0.97274
published_at 2026-06-06T12:55:00Z
1
value 0.3743
scoring_system epss
scoring_elements 0.97268
published_at 2026-06-04T12:55:00Z
2
value 0.3743
scoring_system epss
scoring_elements 0.97273
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0788
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://github.com/jenkinsci/jenkins/commit/1ec232ca1c80e924d70212313b852aec408aa37e
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/1ec232ca1c80e924d70212313b852aec408aa37e
6
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1311946
reference_id 1311946
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1311946
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-0788
reference_id CVE-2016-0788
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-0788
9
reference_url https://github.com/advisories/GHSA-j7q5-h445-f7pc
reference_id GHSA-j7q5-h445-f7pc
reference_type
scores
url https://github.com/advisories/GHSA-j7q5-h445-f7pc
10
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
fixed_packages
aliases CVE-2016-0788, GHSA-j7q5-h445-f7pc
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kdny-k8tt-r3fg
11
url VCID-khk5-qze4-fuh7
vulnerability_id VCID-khk5-qze4-fuh7
summary
Permissions, Privileges, and Access Controls
Jenkins allows remote authenticated users with multiple accounts to cause a denial of service (unable to login) by editing the "full name".
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:1206
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1206
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3722.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3722.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3722
reference_id
reference_type
scores
0
value 0.00197
scoring_system epss
scoring_elements 0.41547
published_at 2026-06-05T12:55:00Z
1
value 0.00197
scoring_system epss
scoring_elements 0.41554
published_at 2026-06-06T12:55:00Z
2
value 0.00197
scoring_system epss
scoring_elements 0.41471
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3722
4
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-05-11
5
reference_url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.cloudbees.com/jenkins-security-advisory-2016-05-11
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1335416
reference_id 1335416
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1335416
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3722
reference_id CVE-2016-3722
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3722
8
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
fixed_packages
aliases CVE-2016-3722, GHSA-3857-xm38-jmq2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-khk5-qze4-fuh7
12
url VCID-mkuu-7x6y-7kc6
vulnerability_id VCID-mkuu-7x6y-7kc6
summary certificate verification bypass
references
0
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00032.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00032.html
1
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00033.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00033.html
2
reference_url http://packetstormsecurity.com/files/127913/Apache-HttpComponents-Man-In-The-Middle.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://packetstormsecurity.com/files/127913/Apache-HttpComponents-Man-In-The-Middle.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2014-1146.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1146.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2014-1166.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1166.html
5
reference_url http://rhn.redhat.com/errata/RHSA-2014-1833.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1833.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2014-1834.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1834.html
7
reference_url http://rhn.redhat.com/errata/RHSA-2014-1835.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1835.html
8
reference_url http://rhn.redhat.com/errata/RHSA-2014-1836.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1836.html
9
reference_url http://rhn.redhat.com/errata/RHSA-2014-1891.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1891.html
10
reference_url http://rhn.redhat.com/errata/RHSA-2014-1892.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1892.html
11
reference_url http://rhn.redhat.com/errata/RHSA-2015-0125.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0125.html
12
reference_url http://rhn.redhat.com/errata/RHSA-2015-0158.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0158.html
13
reference_url http://rhn.redhat.com/errata/RHSA-2015-0675.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0675.html
14
reference_url http://rhn.redhat.com/errata/RHSA-2015-0720.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0720.html
15
reference_url http://rhn.redhat.com/errata/RHSA-2015-0765.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0765.html
16
reference_url http://rhn.redhat.com/errata/RHSA-2015-0850.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0850.html
17
reference_url http://rhn.redhat.com/errata/RHSA-2015-0851.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-0851.html
18
reference_url http://rhn.redhat.com/errata/RHSA-2015-1176.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1176.html
19
reference_url http://rhn.redhat.com/errata/RHSA-2015-1177.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1177.html
20
reference_url http://rhn.redhat.com/errata/RHSA-2015-1888.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1888.html
21
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
22
reference_url http://rhn.redhat.com/errata/RHSA-2016-1931.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1931.html
23
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3577.json
reference_id
reference_type
scores
0
value 4.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3577.json
24
reference_url https://access.redhat.com/solutions/1165533
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/solutions/1165533
25
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3577
reference_id
reference_type
scores
0
value 0.01368
scoring_system epss
scoring_elements 0.80569
published_at 2026-06-06T12:55:00Z
1
value 0.01368
scoring_system epss
scoring_elements 0.8054
published_at 2026-06-04T12:55:00Z
2
value 0.01368
scoring_system epss
scoring_elements 0.80567
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3577
26
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3577
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3577
27
reference_url http://seclists.org/fulldisclosure/2014/Aug/48
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2014/Aug/48
28
reference_url http://secunia.com/advisories/60466
reference_id
reference_type
scores
url http://secunia.com/advisories/60466
29
reference_url http://secunia.com/advisories/60589
reference_id
reference_type
scores
url http://secunia.com/advisories/60589
30
reference_url http://secunia.com/advisories/60713
reference_id
reference_type
scores
url http://secunia.com/advisories/60713
31
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/95327
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/95327
32
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
33
reference_url https://github.com/apache/httpcomponents-client
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/httpcomponents-client
34
reference_url https://github.com/apache/httpcomponents-client/commit/51cc67567765d67f878f0dcef61b5ded454d3122
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/httpcomponents-client/commit/51cc67567765d67f878f0dcef61b5ded454d3122
35
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05103564
reference_id
reference_type
scores
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05103564
36
reference_url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05363782
reference_id
reference_type
scores
url https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05363782
37
reference_url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E
38
reference_url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E
39
reference_url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E
40
reference_url https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r36e44ffc1a9b365327df62cdfaabe85b9a5637de102cea07d79b2dbf@%3Ccommits.cxf.apache.org%3E
41
reference_url https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rc774278135816e7afc943dc9fc78eb0764f2c84a2b96470a0187315c@%3Ccommits.cxf.apache.org%3E
42
reference_url https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rd49aabd984ed540c8ff7916d4d79405f3fa311d2fdbcf9ed307839a6@%3Ccommits.cxf.apache.org%3E
43
reference_url https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rec7160382badd3ef4ad017a22f64a266c7188b9ba71394f0d321e2d4@%3Ccommits.cxf.apache.org%3E
44
reference_url https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rfb87e0bf3995e7d560afeed750fac9329ff5f1ad49da365129b7f89e@%3Ccommits.cxf.apache.org%3E
45
reference_url https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/rff42cfa5e7d75b7c1af0e37589140a8f1999e578a75738740b244bd4@%3Ccommits.cxf.apache.org%3E
46
reference_url https://security.netapp.com/advisory/ntap-20231027-0003
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20231027-0003
47
reference_url https://svn.apache.org/viewvc?view=revision&revision=1614064
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://svn.apache.org/viewvc?view=revision&revision=1614064
48
reference_url http://www.openwall.com/lists/oss-security/2021/10/06/1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/10/06/1
49
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
50
reference_url http://www.osvdb.org/110143
reference_id
reference_type
scores
url http://www.osvdb.org/110143
51
reference_url http://www.securityfocus.com/bid/69258
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/69258
52
reference_url http://www.securitytracker.com/id/1030812
reference_id
reference_type
scores
url http://www.securitytracker.com/id/1030812
53
reference_url http://www.ubuntu.com/usn/USN-2769-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2769-1
54
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1129074
reference_id 1129074
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1129074
55
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758086
reference_id 758086
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758086
56
reference_url https://security.archlinux.org/AVG-2448
reference_id AVG-2448
reference_type
scores
0
value Medium
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2448
57
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3577
reference_id CVE-2014-3577
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-3577
58
reference_url https://github.com/advisories/GHSA-cfh5-3ghh-wfjx
reference_id GHSA-cfh5-3ghh-wfjx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-cfh5-3ghh-wfjx
59
reference_url https://access.redhat.com/errata/RHSA-2014:1082
reference_id RHSA-2014:1082
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1082
60
reference_url https://access.redhat.com/errata/RHSA-2014:1146
reference_id RHSA-2014:1146
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1146
61
reference_url https://access.redhat.com/errata/RHSA-2014:1162
reference_id RHSA-2014:1162
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1162
62
reference_url https://access.redhat.com/errata/RHSA-2014:1163
reference_id RHSA-2014:1163
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1163
63
reference_url https://access.redhat.com/errata/RHSA-2014:1166
reference_id RHSA-2014:1166
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1166
64
reference_url https://access.redhat.com/errata/RHSA-2014:1320
reference_id RHSA-2014:1320
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1320
65
reference_url https://access.redhat.com/errata/RHSA-2014:1321
reference_id RHSA-2014:1321
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1321
66
reference_url https://access.redhat.com/errata/RHSA-2014:1322
reference_id RHSA-2014:1322
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1322
67
reference_url https://access.redhat.com/errata/RHSA-2014:1323
reference_id RHSA-2014:1323
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1323
68
reference_url https://access.redhat.com/errata/RHSA-2014:1833
reference_id RHSA-2014:1833
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1833
69
reference_url https://access.redhat.com/errata/RHSA-2014:1834
reference_id RHSA-2014:1834
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1834
70
reference_url https://access.redhat.com/errata/RHSA-2014:1835
reference_id RHSA-2014:1835
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1835
71
reference_url https://access.redhat.com/errata/RHSA-2014:1836
reference_id RHSA-2014:1836
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1836
72
reference_url https://access.redhat.com/errata/RHSA-2014:1891
reference_id RHSA-2014:1891
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1891
73
reference_url https://access.redhat.com/errata/RHSA-2014:1892
reference_id RHSA-2014:1892
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1892
74
reference_url https://access.redhat.com/errata/RHSA-2014:1904
reference_id RHSA-2014:1904
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1904
75
reference_url https://access.redhat.com/errata/RHSA-2014:2019
reference_id RHSA-2014:2019
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:2019
76
reference_url https://access.redhat.com/errata/RHSA-2014:2020
reference_id RHSA-2014:2020
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:2020
77
reference_url https://access.redhat.com/errata/RHSA-2015:0125
reference_id RHSA-2015:0125
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0125
78
reference_url https://access.redhat.com/errata/RHSA-2015:0158
reference_id RHSA-2015:0158
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0158
79
reference_url https://access.redhat.com/errata/RHSA-2015:0234
reference_id RHSA-2015:0234
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0234
80
reference_url https://access.redhat.com/errata/RHSA-2015:0235
reference_id RHSA-2015:0235
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0235
81
reference_url https://access.redhat.com/errata/RHSA-2015:0675
reference_id RHSA-2015:0675
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0675
82
reference_url https://access.redhat.com/errata/RHSA-2015:0720
reference_id RHSA-2015:0720
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0720
83
reference_url https://access.redhat.com/errata/RHSA-2015:0765
reference_id RHSA-2015:0765
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0765
84
reference_url https://access.redhat.com/errata/RHSA-2015:0850
reference_id RHSA-2015:0850
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0850
85
reference_url https://access.redhat.com/errata/RHSA-2015:0851
reference_id RHSA-2015:0851
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0851
86
reference_url https://access.redhat.com/errata/RHSA-2015:1009
reference_id RHSA-2015:1009
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1009
87
reference_url https://access.redhat.com/errata/RHSA-2015:1176
reference_id RHSA-2015:1176
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1176
88
reference_url https://access.redhat.com/errata/RHSA-2015:1177
reference_id RHSA-2015:1177
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1177
89
reference_url https://access.redhat.com/errata/RHSA-2015:1888
reference_id RHSA-2015:1888
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:1888
90
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
91
reference_url https://access.redhat.com/errata/RHSA-2016:1931
reference_id RHSA-2016:1931
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1931
92
reference_url https://access.redhat.com/errata/RHSA-2022:0055
reference_id RHSA-2022:0055
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0055
93
reference_url https://usn.ubuntu.com/2769-1/
reference_id USN-2769-1
reference_type
scores
url https://usn.ubuntu.com/2769-1/
fixed_packages
aliases CVE-2014-3577, GHSA-cfh5-3ghh-wfjx
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mkuu-7x6y-7kc6
13
url VCID-ut9a-4jsy-dkby
vulnerability_id VCID-ut9a-4jsy-dkby
summary
Jenkins has CRLF Injection Vulnerability in the CLI
CRLF injection vulnerability in the CLI command documentation in Jenkins before 1.650 and LTS before 1.642.2 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2016-1773.html
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-1773.html
1
reference_url https://access.redhat.com/errata/RHSA-2016:0711
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:0711
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0789.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0789.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-0789
reference_id
reference_type
scores
0
value 0.00148
scoring_system epss
scoring_elements 0.35052
published_at 2026-06-06T12:55:00Z
1
value 0.00148
scoring_system epss
scoring_elements 0.34942
published_at 2026-06-04T12:55:00Z
2
value 0.00148
scoring_system epss
scoring_elements 0.35037
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-0789
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://github.com/jenkinsci/jenkins/commit/f5c51fbad2b62b81dc1e0402aeee058a4a478046
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/f5c51fbad2b62b81dc1e0402aeee058a4a478046
6
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1311947
reference_id 1311947
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1311947
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-0789
reference_id CVE-2016-0789
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-0789
9
reference_url https://github.com/advisories/GHSA-8p3c-m625-wh83
reference_id GHSA-8p3c-m625-wh83
reference_type
scores
url https://github.com/advisories/GHSA-8p3c-m625-wh83
10
reference_url https://access.redhat.com/errata/RHSA-2016:1773
reference_id RHSA-2016:1773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1773
fixed_packages
aliases CVE-2016-0789, GHSA-8p3c-m625-wh83
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ut9a-4jsy-dkby
Fixing_vulnerabilities
Risk_score 10.0
Resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins@1.651.2-1%3Farch=el6op