Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/jenkins-2-plugins@4.9.1675668922-1?arch=el8
Typerpm
Namespaceredhat
Namejenkins-2-plugins
Version4.9.1675668922-1
Qualifiers
arch el8
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-1hvx-2h1t-n7hj
vulnerability_id VCID-1hvx-2h1t-n7hj
summary Whole-script approval in Jenkins Script Security Plugin vulnerable to SHA-1 collisions
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45379.json
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45379.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-45379
reference_id
reference_type
scores
0
value 0.00362
scoring_system epss
scoring_elements 0.58812
published_at 2026-06-12T12:55:00Z
1
value 0.00362
scoring_system epss
scoring_elements 0.587
published_at 2026-06-11T12:55:00Z
2
value 0.00362
scoring_system epss
scoring_elements 0.58817
published_at 2026-06-14T12:55:00Z
3
value 0.00362
scoring_system epss
scoring_elements 0.58827
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-45379
2
reference_url https://github.com/jenkinsci/script-security-plugin
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/script-security-plugin
3
reference_url https://github.com/jenkinsci/script-security-plugin/commit/65867aa471265a16198b92fb439782ba3554da66
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/script-security-plugin/commit/65867aa471265a16198b92fb439782ba3554da66
4
reference_url https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2564
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2564
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2143090
reference_id 2143090
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2143090
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-45379
reference_id CVE-2022-45379
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-45379
7
reference_url https://github.com/advisories/GHSA-fv42-mx39-6fpw
reference_id GHSA-fv42-mx39-6fpw
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fv42-mx39-6fpw
8
reference_url https://access.redhat.com/errata/RHSA-2023:0560
reference_id RHSA-2023:0560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0560
9
reference_url https://access.redhat.com/errata/RHSA-2023:0777
reference_id RHSA-2023:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0777
fixed_packages
aliases CVE-2022-45379, GHSA-fv42-mx39-6fpw
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1hvx-2h1t-n7hj
1
url VCID-24zg-76th-b7a9
vulnerability_id VCID-24zg-76th-b7a9
summary PKCE support is not implemented in accordance with the RFC for OAuth 2.0 for Native Apps. Without the use of PKCE, the authorization code returned by an authorization server is not enough to guarantee that the client that issued the initial authorization request is the one that will be authorized. An attacker is able to obtain the authorization code using a malicious app on the client-side and use it to gain authorization to the protected resource. This affects the package com.google.oauth-client:google-oauth-client before 1.31.0.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7692.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-7692.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-7692
reference_id
reference_type
scores
0
value 0.00091
scoring_system epss
scoring_elements 0.25684
published_at 2026-06-11T12:55:00Z
1
value 0.00091
scoring_system epss
scoring_elements 0.25884
published_at 2026-06-12T12:55:00Z
2
value 0.00091
scoring_system epss
scoring_elements 0.25901
published_at 2026-06-13T12:55:00Z
3
value 0.00091
scoring_system epss
scoring_elements 0.25883
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-7692
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7692
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7692
3
reference_url https://github.com/googleapis/google-oauth-java-client
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/googleapis/google-oauth-java-client
4
reference_url https://github.com/googleapis/google-oauth-java-client/commit/13433cd7dd06267fc261f0b1d4764f8e3432c824
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/googleapis/google-oauth-java-client/commit/13433cd7dd06267fc261f0b1d4764f8e3432c824
5
reference_url https://github.com/googleapis/google-oauth-java-client/issues/469
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/googleapis/google-oauth-java-client/issues/469
6
reference_url https://lists.apache.org/thread.html/r3db6ac73e0558d64f0b664f2fa4ef0a865e57c5de20f8321d3b48678@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/r3db6ac73e0558d64f0b664f2fa4ef0a865e57c5de20f8321d3b48678@%3Ccommits.druid.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/reae8909b264d1103f321b9ce1623c10c1ddc77dba9790247f2c0c90f@%3Ccommits.druid.apache.org%3E
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/reae8909b264d1103f321b9ce1623c10c1ddc77dba9790247f2c0c90f@%3Ccommits.druid.apache.org%3E
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2020-7692
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2020-7692
9
reference_url https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-575276
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://snyk.io/vuln/SNYK-JAVA-COMGOOGLEOAUTHCLIENT-575276
10
reference_url https://tools.ietf.org/html/rfc7636%23section-1
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tools.ietf.org/html/rfc7636%23section-1
11
reference_url https://tools.ietf.org/html/rfc8252%23section-8.1
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://tools.ietf.org/html/rfc8252%23section-8.1
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1856376
reference_id 1856376
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1856376
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988944
reference_id 988944
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=988944
14
reference_url https://github.com/advisories/GHSA-f263-c949-w85g
reference_id GHSA-f263-c949-w85g
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f263-c949-w85g
15
reference_url https://access.redhat.com/errata/RHSA-2023:0560
reference_id RHSA-2023:0560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0560
16
reference_url https://access.redhat.com/errata/RHSA-2023:0777
reference_id RHSA-2023:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0777
17
reference_url https://access.redhat.com/errata/RHSA-2023:3299
reference_id RHSA-2023:3299
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3299
18
reference_url https://access.redhat.com/errata/RHSA-2023:6172
reference_id RHSA-2023:6172
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6172
19
reference_url https://access.redhat.com/errata/RHSA-2024:0778
reference_id RHSA-2024:0778
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0778
fixed_packages
aliases CVE-2020-7692, GHSA-f263-c949-w85g
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-24zg-76th-b7a9
2
url VCID-282p-1cbn-1ydr
vulnerability_id VCID-282p-1cbn-1ydr
summary Sandbox bypass vulnerabilities in Jenkins Script Security Plugin and in Pipeline: Groovy Plugin
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43404.json
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43404.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-43404
reference_id
reference_type
scores
0
value 0.00186
scoring_system epss
scoring_elements 0.40262
published_at 2026-06-11T12:55:00Z
1
value 0.00186
scoring_system epss
scoring_elements 0.4043
published_at 2026-06-12T12:55:00Z
2
value 0.00186
scoring_system epss
scoring_elements 0.40441
published_at 2026-06-14T12:55:00Z
3
value 0.00186
scoring_system epss
scoring_elements 0.40452
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-43404
2
reference_url https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2136383
reference_id 2136383
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2136383
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-43404
reference_id CVE-2022-43404
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-43404
5
reference_url https://github.com/advisories/GHSA-27rf-8mjp-r363
reference_id GHSA-27rf-8mjp-r363
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-27rf-8mjp-r363
6
reference_url https://access.redhat.com/errata/RHSA-2023:0560
reference_id RHSA-2023:0560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0560
7
reference_url https://access.redhat.com/errata/RHSA-2023:0777
reference_id RHSA-2023:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0777
8
reference_url https://access.redhat.com/errata/RHSA-2023:1064
reference_id RHSA-2023:1064
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1064
9
reference_url https://access.redhat.com/errata/RHSA-2023:3198
reference_id RHSA-2023:3198
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3198
fixed_packages
aliases CVE-2022-43404, GHSA-27rf-8mjp-r363
risk_score 4.5
exploitability 0.5
weighted_severity 8.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-282p-1cbn-1ydr
3
url VCID-2ef9-4t7c-9kd6
vulnerability_id VCID-2ef9-4t7c-9kd6
summary Jenkins Pipeline: Input Step Plugin 451.vf1a_a_4f405289 and earlier does not restrict or sanitize the optionally specified ID of the 'input' step, which is used for the URLs that process user interactions for the given 'input' step (proceed or abort) and is not correctly encoded, allowing attackers able to configure Pipelines to have Jenkins build URLs from 'input' step IDs that would bypass the CSRF protection of any target URL in Jenkins when the 'input' step is interacted with.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43407.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43407.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-43407
reference_id
reference_type
scores
0
value 0.00019
scoring_system epss
scoring_elements 0.0545
published_at 2026-06-14T12:55:00Z
1
value 0.00019
scoring_system epss
scoring_elements 0.05458
published_at 2026-06-13T12:55:00Z
2
value 0.00019
scoring_system epss
scoring_elements 0.05464
published_at 2026-06-12T12:55:00Z
3
value 0.00019
scoring_system epss
scoring_elements 0.05439
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-43407
2
reference_url https://github.com/jenkinsci/pipeline-input-step-plugin
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/pipeline-input-step-plugin
3
reference_url https://github.com/jenkinsci/pipeline-input-step-plugin/commit/d8a957db5be95ddfbf81f41a60b2f034000314b5
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/pipeline-input-step-plugin/commit/d8a957db5be95ddfbf81f41a60b2f034000314b5
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2136386
reference_id 2136386
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2136386
5
reference_url http://www.openwall.com/lists/oss-security/2022/10/19/3
reference_id 3
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T19:25:07Z/
url http://www.openwall.com/lists/oss-security/2022/10/19/3
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-43407
reference_id CVE-2022-43407
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-43407
7
reference_url https://github.com/advisories/GHSA-g66m-fqxf-3w35
reference_id GHSA-g66m-fqxf-3w35
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g66m-fqxf-3w35
8
reference_url https://access.redhat.com/errata/RHSA-2023:0560
reference_id RHSA-2023:0560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0560
9
reference_url https://access.redhat.com/errata/RHSA-2023:0777
reference_id RHSA-2023:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0777
10
reference_url https://access.redhat.com/errata/RHSA-2023:1064
reference_id RHSA-2023:1064
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1064
11
reference_url https://access.redhat.com/errata/RHSA-2023:3198
reference_id RHSA-2023:3198
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3198
12
reference_url https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2880
reference_id #SECURITY-2880
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-08T19:25:07Z/
url https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2880
fixed_packages
aliases CVE-2022-43407, GHSA-g66m-fqxf-3w35
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2ef9-4t7c-9kd6
4
url VCID-2gbh-nhbd-vyb3
vulnerability_id VCID-2gbh-nhbd-vyb3
summary Sandbox bypass vulnerability in Jenkins Pipeline: Groovy Libraries Plugin and Pipeline: Deprecated Groovy Libraries Plugin
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43405.json
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43405.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-43405
reference_id
reference_type
scores
0
value 0.00196
scoring_system epss
scoring_elements 0.41483
published_at 2026-06-11T12:55:00Z
1
value 0.00196
scoring_system epss
scoring_elements 0.41648
published_at 2026-06-12T12:55:00Z
2
value 0.00196
scoring_system epss
scoring_elements 0.41656
published_at 2026-06-14T12:55:00Z
3
value 0.00196
scoring_system epss
scoring_elements 0.41666
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-43405
2
reference_url https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2136374
reference_id 2136374
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2136374
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-43405
reference_id CVE-2022-43405
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-43405
5
reference_url https://github.com/advisories/GHSA-4hjj-9gp7-4frg
reference_id GHSA-4hjj-9gp7-4frg
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4hjj-9gp7-4frg
6
reference_url https://access.redhat.com/errata/RHSA-2023:0560
reference_id RHSA-2023:0560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0560
7
reference_url https://access.redhat.com/errata/RHSA-2023:0777
reference_id RHSA-2023:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0777
8
reference_url https://access.redhat.com/errata/RHSA-2023:1064
reference_id RHSA-2023:1064
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1064
9
reference_url https://access.redhat.com/errata/RHSA-2023:3198
reference_id RHSA-2023:3198
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3198
fixed_packages
aliases CVE-2022-43405, GHSA-4hjj-9gp7-4frg
risk_score 4.5
exploitability 0.5
weighted_severity 8.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2gbh-nhbd-vyb3
5
url VCID-44sb-6uzy-3be8
vulnerability_id VCID-44sb-6uzy-3be8
summary Jenkins JUnit Plugin 1159.v0b_396e1e07dd and earlier converts HTTP(S) URLs in test report output to clickable links in an unsafe manner, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45380.json
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45380.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-45380
reference_id
reference_type
scores
0
value 0.02201
scoring_system epss
scoring_elements 0.84841
published_at 2026-06-14T12:55:00Z
1
value 0.02201
scoring_system epss
scoring_elements 0.84848
published_at 2026-06-13T12:55:00Z
2
value 0.02201
scoring_system epss
scoring_elements 0.8484
published_at 2026-06-12T12:55:00Z
3
value 0.02201
scoring_system epss
scoring_elements 0.84788
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-45380
2
reference_url https://github.com/jenkinsci/junit-plugin
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/junit-plugin
3
reference_url https://github.com/jenkinsci/junit-plugin/commit/f1f01aaeab7fa35017112f6163b89283390f5da8
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/junit-plugin/commit/f1f01aaeab7fa35017112f6163b89283390f5da8
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2143086
reference_id 2143086
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2143086
5
reference_url http://www.openwall.com/lists/oss-security/2022/11/15/4
reference_id 4
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-30T14:11:41Z/
url http://www.openwall.com/lists/oss-security/2022/11/15/4
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-45380
reference_id CVE-2022-45380
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-45380
7
reference_url https://github.com/advisories/GHSA-298r-5c48-7q2r
reference_id GHSA-298r-5c48-7q2r
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-298r-5c48-7q2r
8
reference_url https://access.redhat.com/errata/RHSA-2023:0560
reference_id RHSA-2023:0560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0560
9
reference_url https://access.redhat.com/errata/RHSA-2023:0777
reference_id RHSA-2023:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0777
10
reference_url https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2888
reference_id #SECURITY-2888
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-30T14:11:41Z/
url https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2888
fixed_packages
aliases CVE-2022-45380, GHSA-298r-5c48-7q2r
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-44sb-6uzy-3be8
6
url VCID-6edu-x9e7-mqg4
vulnerability_id VCID-6edu-x9e7-mqg4
summary Jenkins Script Security Plugin sandbox bypass vulnerability
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43403.json
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43403.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-43403
reference_id
reference_type
scores
0
value 0.00302
scoring_system epss
scoring_elements 0.54028
published_at 2026-06-12T12:55:00Z
1
value 0.00302
scoring_system epss
scoring_elements 0.53903
published_at 2026-06-11T12:55:00Z
2
value 0.00302
scoring_system epss
scoring_elements 0.54032
published_at 2026-06-14T12:55:00Z
3
value 0.00302
scoring_system epss
scoring_elements 0.54046
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-43403
2
reference_url https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)
3
reference_url https://www.secpod.com/blog/oracle-releases-critical-security-updates-january-2023-patch-now
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.secpod.com/blog/oracle-releases-critical-security-updates-january-2023-patch-now
4
reference_url https://www.secpod.com/blog/oracle-releases-critical-security-updates-january-2023-patch-now/
reference_id
reference_type
scores
url https://www.secpod.com/blog/oracle-releases-critical-security-updates-january-2023-patch-now/
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2136382
reference_id 2136382
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2136382
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-43403
reference_id CVE-2022-43403
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-43403
7
reference_url https://github.com/advisories/GHSA-f6mq-6fx5-w2ch
reference_id GHSA-f6mq-6fx5-w2ch
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f6mq-6fx5-w2ch
8
reference_url https://access.redhat.com/errata/RHSA-2023:0560
reference_id RHSA-2023:0560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0560
9
reference_url https://access.redhat.com/errata/RHSA-2023:0777
reference_id RHSA-2023:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0777
10
reference_url https://access.redhat.com/errata/RHSA-2023:1064
reference_id RHSA-2023:1064
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1064
11
reference_url https://access.redhat.com/errata/RHSA-2023:3198
reference_id RHSA-2023:3198
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3198
fixed_packages
aliases CVE-2022-43403, GHSA-f6mq-6fx5-w2ch
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6edu-x9e7-mqg4
7
url VCID-6fdz-pavg-uydu
vulnerability_id VCID-6fdz-pavg-uydu
summary Lack of authentication mechanism in Jenkins Git Plugin webhook
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36884.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36884.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-36884
reference_id
reference_type
scores
0
value 0.00347
scoring_system epss
scoring_elements 0.57814
published_at 2026-06-12T12:55:00Z
1
value 0.00347
scoring_system epss
scoring_elements 0.57821
published_at 2026-06-14T12:55:00Z
2
value 0.00347
scoring_system epss
scoring_elements 0.57699
published_at 2026-06-11T12:55:00Z
3
value 0.00347
scoring_system epss
scoring_elements 0.5783
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-36884
2
reference_url https://github.com/jenkinsci/git-plugin/commit/b46165c74a0bf15e08763de2e506005624d5d238
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/git-plugin/commit/b46165c74a0bf15e08763de2e506005624d5d238
3
reference_url https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2119657
reference_id 2119657
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2119657
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-36884
reference_id CVE-2022-36884
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-36884
6
reference_url https://github.com/advisories/GHSA-449w-c77c-vmf6
reference_id GHSA-449w-c77c-vmf6
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-449w-c77c-vmf6
7
reference_url https://access.redhat.com/errata/RHSA-2023:0017
reference_id RHSA-2023:0017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0017
8
reference_url https://access.redhat.com/errata/RHSA-2023:0560
reference_id RHSA-2023:0560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0560
9
reference_url https://access.redhat.com/errata/RHSA-2023:0777
reference_id RHSA-2023:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0777
fixed_packages
aliases CVE-2022-36884, GHSA-449w-c77c-vmf6
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6fdz-pavg-uydu
8
url VCID-79jf-4v34-5feg
vulnerability_id VCID-79jf-4v34-5feg
summary Jenkins Pipeline: Supporting APIs Plugin 838.va_3a_087b_4055b and earlier does not sanitize or properly encode URLs of hyperlinks sending POST requests in build logs, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create Pipelines.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43409.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43409.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-43409
reference_id
reference_type
scores
0
value 0.04368
scoring_system epss
scoring_elements 0.89248
published_at 2026-06-14T12:55:00Z
1
value 0.04368
scoring_system epss
scoring_elements 0.89239
published_at 2026-06-12T12:55:00Z
2
value 0.04368
scoring_system epss
scoring_elements 0.89202
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-43409
2
reference_url https://github.com/jenkinsci/workflow-support-plugin
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/workflow-support-plugin
3
reference_url https://github.com/jenkinsci/workflow-support-plugin/commit/35e2736cfd5c56799eece176328906d92b6a0dd1
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/workflow-support-plugin/commit/35e2736cfd5c56799eece176328906d92b6a0dd1
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2136391
reference_id 2136391
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2136391
5
reference_url http://www.openwall.com/lists/oss-security/2022/10/19/3
reference_id 3
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T19:24:01Z/
url http://www.openwall.com/lists/oss-security/2022/10/19/3
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-43409
reference_id CVE-2022-43409
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-43409
7
reference_url https://github.com/advisories/GHSA-64r9-x74q-wxmh
reference_id GHSA-64r9-x74q-wxmh
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-64r9-x74q-wxmh
8
reference_url https://access.redhat.com/errata/RHSA-2023:0560
reference_id RHSA-2023:0560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0560
9
reference_url https://access.redhat.com/errata/RHSA-2023:0777
reference_id RHSA-2023:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0777
10
reference_url https://access.redhat.com/errata/RHSA-2023:1064
reference_id RHSA-2023:1064
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1064
11
reference_url https://access.redhat.com/errata/RHSA-2023:3198
reference_id RHSA-2023:3198
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3198
12
reference_url https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2881
reference_id #SECURITY-2881
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T19:24:01Z/
url https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2881
fixed_packages
aliases CVE-2022-43409, GHSA-64r9-x74q-wxmh
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-79jf-4v34-5feg
9
url VCID-8drq-ax12-d7h5
vulnerability_id VCID-8drq-ax12-d7h5
summary Jenkins Pipeline Utility Steps Plugin 2.13.1 and earlier does not restrict the set of enabled prefix interpolators and bundles versions of Apache Commons Configuration library that enable the 'file:' prefix interpolator by default, allowing attackers able to configure Pipelines to read arbitrary files from the Jenkins controller file system.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45381.json
reference_id
reference_type
scores
0
value 8.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45381.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-45381
reference_id
reference_type
scores
0
value 0.0031
scoring_system epss
scoring_elements 0.54556
published_at 2026-06-11T12:55:00Z
1
value 0.0031
scoring_system epss
scoring_elements 0.54682
published_at 2026-06-14T12:55:00Z
2
value 0.0031
scoring_system epss
scoring_elements 0.54698
published_at 2026-06-13T12:55:00Z
3
value 0.0031
scoring_system epss
scoring_elements 0.54681
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-45381
2
reference_url https://github.com/jenkinsci/pipeline-utility-steps-plugin
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/pipeline-utility-steps-plugin
3
reference_url https://github.com/jenkinsci/pipeline-utility-steps-plugin/commit/01be8ac0045027128fc1e9cf3a8b0709d08291ea
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/pipeline-utility-steps-plugin/commit/01be8ac0045027128fc1e9cf3a8b0709d08291ea
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2143089
reference_id 2143089
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2143089
5
reference_url http://www.openwall.com/lists/oss-security/2022/11/15/4
reference_id 4
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T14:10:21Z/
url http://www.openwall.com/lists/oss-security/2022/11/15/4
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-45381
reference_id CVE-2022-45381
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-45381
7
reference_url https://github.com/advisories/GHSA-3g9q-cmgv-g4p6
reference_id GHSA-3g9q-cmgv-g4p6
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3g9q-cmgv-g4p6
8
reference_url https://access.redhat.com/errata/RHSA-2023:0560
reference_id RHSA-2023:0560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0560
9
reference_url https://access.redhat.com/errata/RHSA-2023:0777
reference_id RHSA-2023:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0777
10
reference_url https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2949
reference_id #SECURITY-2949
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value 8.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-30T14:10:21Z/
url https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2949
fixed_packages
aliases CVE-2022-45381, GHSA-3g9q-cmgv-g4p6
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8drq-ax12-d7h5
10
url VCID-f9a3-vz93-zqcq
vulnerability_id VCID-f9a3-vz93-zqcq
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25857.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-25857.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-25857
reference_id
reference_type
scores
0
value 0.02005
scoring_system epss
scoring_elements 0.84118
published_at 2026-06-14T12:55:00Z
1
value 0.02005
scoring_system epss
scoring_elements 0.84123
published_at 2026-06-13T12:55:00Z
2
value 0.0292
scoring_system epss
scoring_elements 0.86748
published_at 2026-06-12T12:55:00Z
3
value 0.0292
scoring_system epss
scoring_elements 0.867
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-25857
2
reference_url https://bitbucket.org/snakeyaml/snakeyaml/commits/fc300780da21f4bb92c148bc90257201220cf174
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bitbucket.org/snakeyaml/snakeyaml/commits/fc300780da21f4bb92c148bc90257201220cf174
3
reference_url https://bitbucket.org/snakeyaml/snakeyaml/issues/525
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bitbucket.org/snakeyaml/snakeyaml/issues/525
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25857
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25857
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/jruby/jruby/issues/7342
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements
url https://github.com/jruby/jruby/issues/7342
7
reference_url https://github.com/snakeyaml/snakeyaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/snakeyaml/snakeyaml
8
reference_url https://github.com/snakeyaml/snakeyaml/commit/fc300780da21f4bb92c148bc90257201220cf174
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/snakeyaml/snakeyaml/commit/fc300780da21f4bb92c148bc90257201220cf174
9
reference_url https://security.netapp.com/advisory/ntap-20240315-0010
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240315-0010
10
reference_url https://security.snyk.io/vuln/SNYK-JAVA-ORGYAML-2806360
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.snyk.io/vuln/SNYK-JAVA-ORGYAML-2806360
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019218
reference_id 1019218
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1019218
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2126789
reference_id 2126789
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2126789
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-25857
reference_id CVE-2022-25857
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-25857
14
reference_url https://github.com/advisories/GHSA-3mc7-4q67-w48m
reference_id GHSA-3mc7-4q67-w48m
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3mc7-4q67-w48m
15
reference_url https://access.redhat.com/errata/RHSA-2022:6757
reference_id RHSA-2022:6757
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6757
16
reference_url https://access.redhat.com/errata/RHSA-2022:6820
reference_id RHSA-2022:6820
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6820
17
reference_url https://access.redhat.com/errata/RHSA-2022:6821
reference_id RHSA-2022:6821
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6821
18
reference_url https://access.redhat.com/errata/RHSA-2022:6822
reference_id RHSA-2022:6822
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6822
19
reference_url https://access.redhat.com/errata/RHSA-2022:6823
reference_id RHSA-2022:6823
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6823
20
reference_url https://access.redhat.com/errata/RHSA-2022:6825
reference_id RHSA-2022:6825
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6825
21
reference_url https://access.redhat.com/errata/RHSA-2022:6835
reference_id RHSA-2022:6835
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6835
22
reference_url https://access.redhat.com/errata/RHSA-2022:6941
reference_id RHSA-2022:6941
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:6941
23
reference_url https://access.redhat.com/errata/RHSA-2022:8524
reference_id RHSA-2022:8524
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8524
24
reference_url https://access.redhat.com/errata/RHSA-2022:8652
reference_id RHSA-2022:8652
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8652
25
reference_url https://access.redhat.com/errata/RHSA-2022:8876
reference_id RHSA-2022:8876
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8876
26
reference_url https://access.redhat.com/errata/RHSA-2023:0560
reference_id RHSA-2023:0560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0560
27
reference_url https://access.redhat.com/errata/RHSA-2023:0777
reference_id RHSA-2023:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0777
28
reference_url https://access.redhat.com/errata/RHSA-2023:1043
reference_id RHSA-2023:1043
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1043
29
reference_url https://access.redhat.com/errata/RHSA-2023:1044
reference_id RHSA-2023:1044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1044
30
reference_url https://access.redhat.com/errata/RHSA-2023:1045
reference_id RHSA-2023:1045
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1045
31
reference_url https://access.redhat.com/errata/RHSA-2023:1047
reference_id RHSA-2023:1047
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1047
32
reference_url https://access.redhat.com/errata/RHSA-2023:1049
reference_id RHSA-2023:1049
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1049
33
reference_url https://access.redhat.com/errata/RHSA-2023:2097
reference_id RHSA-2023:2097
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2097
34
reference_url https://access.redhat.com/errata/RHSA-2023:2100
reference_id RHSA-2023:2100
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2100
35
reference_url https://access.redhat.com/errata/RHSA-2023:3198
reference_id RHSA-2023:3198
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3198
36
reference_url https://access.redhat.com/errata/RHSA-2023:3641
reference_id RHSA-2023:3641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3641
37
reference_url https://access.redhat.com/errata/RHSA-2023:4983
reference_id RHSA-2023:4983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4983
38
reference_url https://access.redhat.com/errata/RHSA-2023:6172
reference_id RHSA-2023:6172
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6172
39
reference_url https://access.redhat.com/errata/RHSA-2023:6179
reference_id RHSA-2023:6179
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6179
40
reference_url https://access.redhat.com/errata/RHSA-2023:7288
reference_id RHSA-2023:7288
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7288
41
reference_url https://access.redhat.com/errata/RHSA-2023:7697
reference_id RHSA-2023:7697
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7697
42
reference_url https://access.redhat.com/errata/RHSA-2024:0776
reference_id RHSA-2024:0776
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0776
43
reference_url https://access.redhat.com/errata/RHSA-2024:0777
reference_id RHSA-2024:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0777
44
reference_url https://access.redhat.com/errata/RHSA-2024:0778
reference_id RHSA-2024:0778
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0778
45
reference_url https://access.redhat.com/errata/RHSA-2025:4226
reference_id RHSA-2025:4226
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4226
46
reference_url https://access.redhat.com/errata/RHSA-2025:4437
reference_id RHSA-2025:4437
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:4437
47
reference_url https://usn.ubuntu.com/5944-1/
reference_id USN-5944-1
reference_type
scores
url https://usn.ubuntu.com/5944-1/
fixed_packages
aliases CVE-2022-25857, GHSA-3mc7-4q67-w48m
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f9a3-vz93-zqcq
11
url VCID-kshy-a9qd-9ue3
vulnerability_id VCID-kshy-a9qd-9ue3
summary Lack of authentication mechanism in Jenkins Git Plugin webhook
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36883.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36883.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-36883
reference_id
reference_type
scores
0
value 0.8079
scoring_system epss
scoring_elements 0.99172
published_at 2026-06-14T12:55:00Z
1
value 0.8079
scoring_system epss
scoring_elements 0.99169
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-36883
2
reference_url https://github.com/jenkinsci/git-plugin
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/git-plugin
3
reference_url https://github.com/jenkinsci/git-plugin/commit/b46165c74a0bf15e08763de2e506005624d5d238
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/git-plugin/commit/b46165c74a0bf15e08763de2e506005624d5d238
4
reference_url https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2119656
reference_id 2119656
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2119656
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-36883
reference_id CVE-2022-36883
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-36883
7
reference_url https://github.com/advisories/GHSA-v878-67xw-grw2
reference_id GHSA-v878-67xw-grw2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v878-67xw-grw2
8
reference_url https://access.redhat.com/errata/RHSA-2023:0017
reference_id RHSA-2023:0017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0017
9
reference_url https://access.redhat.com/errata/RHSA-2023:0560
reference_id RHSA-2023:0560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0560
10
reference_url https://access.redhat.com/errata/RHSA-2023:0777
reference_id RHSA-2023:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0777
fixed_packages
aliases CVE-2022-36883, GHSA-v878-67xw-grw2
risk_score 10.0
exploitability 2.0
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kshy-a9qd-9ue3
12
url VCID-pae5-c62h-q7a9
vulnerability_id VCID-pae5-c62h-q7a9
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30952.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30952.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-30952
reference_id
reference_type
scores
0
value 0.00128
scoring_system epss
scoring_elements 0.31772
published_at 2026-06-11T12:55:00Z
1
value 0.00128
scoring_system epss
scoring_elements 0.3196
published_at 2026-06-12T12:55:00Z
2
value 0.00128
scoring_system epss
scoring_elements 0.31977
published_at 2026-06-13T12:55:00Z
3
value 0.00128
scoring_system epss
scoring_elements 0.31956
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-30952
2
reference_url https://github.com/jenkinsci/blueocean-plugin/commit/c4beeda0b574c297ac664511029feed0a15abaf1
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/blueocean-plugin/commit/c4beeda0b574c297ac664511029feed0a15abaf1
3
reference_url https://github.com/jenkinsci/blueocean-plugin/tree/master/blueocean-pipeline-scm-api
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/blueocean-plugin/tree/master/blueocean-pipeline-scm-api
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-30952
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-30952
5
reference_url https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-714
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-714
6
reference_url http://www.openwall.com/lists/oss-security/2022/05/17/8
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/05/17/8
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2119645
reference_id 2119645
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2119645
8
reference_url https://github.com/advisories/GHSA-g74w-93cp-5p3p
reference_id GHSA-g74w-93cp-5p3p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g74w-93cp-5p3p
9
reference_url https://access.redhat.com/errata/RHSA-2023:0017
reference_id RHSA-2023:0017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0017
10
reference_url https://access.redhat.com/errata/RHSA-2023:0560
reference_id RHSA-2023:0560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0560
11
reference_url https://access.redhat.com/errata/RHSA-2023:0777
reference_id RHSA-2023:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0777
12
reference_url https://access.redhat.com/errata/RHSA-2023:1064
reference_id RHSA-2023:1064
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1064
fixed_packages
aliases CVE-2022-30952, GHSA-g74w-93cp-5p3p
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pae5-c62h-q7a9
13
url VCID-pe9e-5tw4-rfbf
vulnerability_id VCID-pe9e-5tw4-rfbf
summary Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD <= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache MINA SSHD can choose for loading the host keys of an SSH server.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45047.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-45047.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-45047
reference_id
reference_type
scores
0
value 0.05991
scoring_system epss
scoring_elements 0.90917
published_at 2026-06-14T12:55:00Z
1
value 0.05991
scoring_system epss
scoring_elements 0.90918
published_at 2026-06-13T12:55:00Z
2
value 0.05991
scoring_system epss
scoring_elements 0.90911
published_at 2026-06-12T12:55:00Z
3
value 0.05991
scoring_system epss
scoring_elements 0.90882
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-45047
2
reference_url https://github.com/apache/mina-sshd
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/mina-sshd
3
reference_url https://github.com/apache/mina-sshd/commit/03238d51586f6b3c0bdbb1a23cf16799344d6c32
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/mina-sshd/commit/03238d51586f6b3c0bdbb1a23cf16799344d6c32
4
reference_url https://github.com/apache/mina-sshd/commit/10de190e7d3f9189deb76b8d08c72334a1fe2df0
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/mina-sshd/commit/10de190e7d3f9189deb76b8d08c72334a1fe2df0
5
reference_url https://github.com/apache/mina-sshd/commit/5a8fe830b2a2308a2b24ac8115a391af477f64f5
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/mina-sshd/commit/5a8fe830b2a2308a2b24ac8115a391af477f64f5
6
reference_url https://www.mail-archive.com/dev@mina.apache.org/msg39312.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.mail-archive.com/dev@mina.apache.org/msg39312.html
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2145194
reference_id 2145194
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2145194
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-45047
reference_id CVE-2022-45047
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-45047
9
reference_url https://github.com/advisories/GHSA-fhw8-8j55-vwgq
reference_id GHSA-fhw8-8j55-vwgq
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fhw8-8j55-vwgq
10
reference_url https://www.mail-archive.com/dev%40mina.apache.org/msg39312.html
reference_id msg39312.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-01T03:55:36Z/
url https://www.mail-archive.com/dev%40mina.apache.org/msg39312.html
11
reference_url https://security.netapp.com/advisory/ntap-20240216-0008/
reference_id ntap-20240216-0008
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:T/P:M/B:A/M:M/D:R/2026-05-01T03:55:36Z/
url https://security.netapp.com/advisory/ntap-20240216-0008/
12
reference_url https://access.redhat.com/errata/RHSA-2022:8957
reference_id RHSA-2022:8957
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8957
13
reference_url https://access.redhat.com/errata/RHSA-2023:0074
reference_id RHSA-2023:0074
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0074
14
reference_url https://access.redhat.com/errata/RHSA-2023:0552
reference_id RHSA-2023:0552
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0552
15
reference_url https://access.redhat.com/errata/RHSA-2023:0553
reference_id RHSA-2023:0553
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0553
16
reference_url https://access.redhat.com/errata/RHSA-2023:0554
reference_id RHSA-2023:0554
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0554
17
reference_url https://access.redhat.com/errata/RHSA-2023:0556
reference_id RHSA-2023:0556
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0556
18
reference_url https://access.redhat.com/errata/RHSA-2023:0560
reference_id RHSA-2023:0560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0560
19
reference_url https://access.redhat.com/errata/RHSA-2023:0713
reference_id RHSA-2023:0713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0713
20
reference_url https://access.redhat.com/errata/RHSA-2023:0758
reference_id RHSA-2023:0758
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0758
21
reference_url https://access.redhat.com/errata/RHSA-2023:0777
reference_id RHSA-2023:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0777
22
reference_url https://access.redhat.com/errata/RHSA-2023:1043
reference_id RHSA-2023:1043
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1043
23
reference_url https://access.redhat.com/errata/RHSA-2023:1044
reference_id RHSA-2023:1044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1044
24
reference_url https://access.redhat.com/errata/RHSA-2023:1045
reference_id RHSA-2023:1045
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1045
25
reference_url https://access.redhat.com/errata/RHSA-2023:1047
reference_id RHSA-2023:1047
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1047
26
reference_url https://access.redhat.com/errata/RHSA-2023:1049
reference_id RHSA-2023:1049
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1049
27
reference_url https://access.redhat.com/errata/RHSA-2023:1064
reference_id RHSA-2023:1064
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1064
28
reference_url https://access.redhat.com/errata/RHSA-2023:3198
reference_id RHSA-2023:3198
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3198
29
reference_url https://access.redhat.com/errata/RHSA-2023:3641
reference_id RHSA-2023:3641
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3641
30
reference_url https://access.redhat.com/errata/RHSA-2023:4983
reference_id RHSA-2023:4983
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4983
31
reference_url https://access.redhat.com/errata/RHSA-2023:5396
reference_id RHSA-2023:5396
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5396
32
reference_url https://access.redhat.com/errata/RHSA-2025:1746
reference_id RHSA-2025:1746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1746
33
reference_url https://access.redhat.com/errata/RHSA-2025:1747
reference_id RHSA-2025:1747
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1747
fixed_packages
aliases CVE-2022-45047, GHSA-fhw8-8j55-vwgq
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pe9e-5tw4-rfbf
14
url VCID-r8x8-fygj-77bn
vulnerability_id VCID-r8x8-fygj-77bn
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30946.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30946.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-30946
reference_id
reference_type
scores
0
value 0.00104
scoring_system epss
scoring_elements 0.27834
published_at 2026-06-11T12:55:00Z
1
value 0.00104
scoring_system epss
scoring_elements 0.28032
published_at 2026-06-12T12:55:00Z
2
value 0.00104
scoring_system epss
scoring_elements 0.28057
published_at 2026-06-13T12:55:00Z
3
value 0.00104
scoring_system epss
scoring_elements 0.28046
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-30946
2
reference_url https://github.com/jenkinsci/script-security-plugin
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/script-security-plugin
3
reference_url https://github.com/jenkinsci/script-security-plugin/commit/35f6a0b8207ed3a32a85f27c1312da6cd738eeaa
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/script-security-plugin/commit/35f6a0b8207ed3a32a85f27c1312da6cd738eeaa
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-30946
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-30946
5
reference_url https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2116
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2116
6
reference_url http://www.openwall.com/lists/oss-security/2022/05/17/8
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/05/17/8
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2119643
reference_id 2119643
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2119643
8
reference_url https://github.com/advisories/GHSA-qwgx-mrv5-87j8
reference_id GHSA-qwgx-mrv5-87j8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qwgx-mrv5-87j8
9
reference_url https://access.redhat.com/errata/RHSA-2023:0017
reference_id RHSA-2023:0017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0017
10
reference_url https://access.redhat.com/errata/RHSA-2023:0560
reference_id RHSA-2023:0560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0560
11
reference_url https://access.redhat.com/errata/RHSA-2023:0777
reference_id RHSA-2023:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0777
fixed_packages
aliases CVE-2022-30946, GHSA-qwgx-mrv5-87j8
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r8x8-fygj-77bn
15
url VCID-udcj-gpwk-uudj
vulnerability_id VCID-udcj-gpwk-uudj
summary Sandbox bypass vulnerabilities in Jenkins Script Security Plugin and in Pipeline: Groovy Plugin
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43401.json
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43401.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-43401
reference_id
reference_type
scores
0
value 0.00229
scoring_system epss
scoring_elements 0.45829
published_at 2026-06-11T12:55:00Z
1
value 0.00229
scoring_system epss
scoring_elements 0.45974
published_at 2026-06-12T12:55:00Z
2
value 0.00229
scoring_system epss
scoring_elements 0.45968
published_at 2026-06-14T12:55:00Z
3
value 0.00229
scoring_system epss
scoring_elements 0.45982
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-43401
2
reference_url https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2136381
reference_id 2136381
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2136381
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-43401
reference_id CVE-2022-43401
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-43401
5
reference_url https://github.com/advisories/GHSA-7vr5-72w7-q6jc
reference_id GHSA-7vr5-72w7-q6jc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7vr5-72w7-q6jc
6
reference_url https://access.redhat.com/errata/RHSA-2023:0560
reference_id RHSA-2023:0560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0560
7
reference_url https://access.redhat.com/errata/RHSA-2023:0777
reference_id RHSA-2023:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0777
8
reference_url https://access.redhat.com/errata/RHSA-2023:1064
reference_id RHSA-2023:1064
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1064
9
reference_url https://access.redhat.com/errata/RHSA-2023:3198
reference_id RHSA-2023:3198
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3198
fixed_packages
aliases CVE-2022-43401, GHSA-7vr5-72w7-q6jc
risk_score 4.5
exploitability 0.5
weighted_severity 8.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-udcj-gpwk-uudj
16
url VCID-vftd-1z64-mba7
vulnerability_id VCID-vftd-1z64-mba7
summary Lack of authentication mechanism in Jenkins Git Plugin webhook
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36882.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36882.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-36882
reference_id
reference_type
scores
0
value 0.00515
scoring_system epss
scoring_elements 0.67139
published_at 2026-06-12T12:55:00Z
1
value 0.00515
scoring_system epss
scoring_elements 0.67047
published_at 2026-06-11T12:55:00Z
2
value 0.00515
scoring_system epss
scoring_elements 0.67152
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-36882
2
reference_url https://github.com/jenkinsci/git-plugin/commit/b46165c74a0bf15e08763de2e506005624d5d238
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/git-plugin/commit/b46165c74a0bf15e08763de2e506005624d5d238
3
reference_url https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-284
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2116840
reference_id 2116840
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2116840
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-36882
reference_id CVE-2022-36882
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-36882
6
reference_url https://github.com/advisories/GHSA-8xwj-2wgh-gprh
reference_id GHSA-8xwj-2wgh-gprh
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8xwj-2wgh-gprh
7
reference_url https://access.redhat.com/errata/RHSA-2023:0017
reference_id RHSA-2023:0017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0017
8
reference_url https://access.redhat.com/errata/RHSA-2023:0560
reference_id RHSA-2023:0560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0560
9
reference_url https://access.redhat.com/errata/RHSA-2023:0777
reference_id RHSA-2023:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0777
fixed_packages
aliases CVE-2022-36882, GHSA-8xwj-2wgh-gprh
risk_score 4.0
exploitability 0.5
weighted_severity 7.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vftd-1z64-mba7
17
url VCID-vm4d-svqb-dfh6
vulnerability_id VCID-vm4d-svqb-dfh6
summary Sandbox bypass vulnerability in Jenkins Pipeline: Deprecated Groovy Libraries Plugin
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43406.json
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43406.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-43406
reference_id
reference_type
scores
0
value 0.00196
scoring_system epss
scoring_elements 0.41483
published_at 2026-06-11T12:55:00Z
1
value 0.00196
scoring_system epss
scoring_elements 0.41648
published_at 2026-06-12T12:55:00Z
2
value 0.00196
scoring_system epss
scoring_elements 0.41656
published_at 2026-06-14T12:55:00Z
3
value 0.00196
scoring_system epss
scoring_elements 0.41666
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-43406
2
reference_url https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(2)
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2136370
reference_id 2136370
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2136370
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-43406
reference_id CVE-2022-43406
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-43406
5
reference_url https://github.com/advisories/GHSA-7qw2-h9gj-hcvh
reference_id GHSA-7qw2-h9gj-hcvh
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7qw2-h9gj-hcvh
6
reference_url https://access.redhat.com/errata/RHSA-2023:0560
reference_id RHSA-2023:0560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0560
7
reference_url https://access.redhat.com/errata/RHSA-2023:0777
reference_id RHSA-2023:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0777
8
reference_url https://access.redhat.com/errata/RHSA-2023:1064
reference_id RHSA-2023:1064
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1064
9
reference_url https://access.redhat.com/errata/RHSA-2023:3198
reference_id RHSA-2023:3198
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3198
fixed_packages
aliases CVE-2022-43406, GHSA-7qw2-h9gj-hcvh
risk_score 4.5
exploitability 0.5
weighted_severity 8.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vm4d-svqb-dfh6
18
url VCID-vyvx-hyzd-zkan
vulnerability_id VCID-vyvx-hyzd-zkan
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30954.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30954.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-30954
reference_id
reference_type
scores
0
value 0.00052
scoring_system epss
scoring_elements 0.16551
published_at 2026-06-11T12:55:00Z
1
value 0.00052
scoring_system epss
scoring_elements 0.167
published_at 2026-06-12T12:55:00Z
2
value 0.00052
scoring_system epss
scoring_elements 0.16711
published_at 2026-06-13T12:55:00Z
3
value 0.00052
scoring_system epss
scoring_elements 0.16684
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-30954
2
reference_url https://github.com/jenkinsci/blueocean-plugin
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/blueocean-plugin
3
reference_url https://github.com/jenkinsci/blueocean-plugin/commit/ffd89b675b172c86613459935fe220dc2bba0c57
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/blueocean-plugin/commit/ffd89b675b172c86613459935fe220dc2bba0c57
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-30954
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-30954
5
reference_url https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502
6
reference_url http://www.openwall.com/lists/oss-security/2022/05/17/8
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/05/17/8
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2119647
reference_id 2119647
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2119647
8
reference_url https://github.com/advisories/GHSA-5m4q-x28v-q6wp
reference_id GHSA-5m4q-x28v-q6wp
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-5m4q-x28v-q6wp
9
reference_url https://access.redhat.com/errata/RHSA-2023:0017
reference_id RHSA-2023:0017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0017
10
reference_url https://access.redhat.com/errata/RHSA-2023:0560
reference_id RHSA-2023:0560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0560
11
reference_url https://access.redhat.com/errata/RHSA-2023:0777
reference_id RHSA-2023:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0777
12
reference_url https://access.redhat.com/errata/RHSA-2023:3198
reference_id RHSA-2023:3198
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3198
13
reference_url https://access.redhat.com/errata/RHSA-2023:3610
reference_id RHSA-2023:3610
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3610
14
reference_url https://access.redhat.com/errata/RHSA-2023:3622
reference_id RHSA-2023:3622
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3622
fixed_packages
aliases CVE-2022-30954, GHSA-5m4q-x28v-q6wp
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vyvx-hyzd-zkan
19
url VCID-wbwg-kc2b-4qhc
vulnerability_id VCID-wbwg-kc2b-4qhc
summary Jenkins GitHub plugin uses weak webhook signature function
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36885.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-36885.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-36885
reference_id
reference_type
scores
0
value 0.00173
scoring_system epss
scoring_elements 0.38735
published_at 2026-06-12T12:55:00Z
1
value 0.00173
scoring_system epss
scoring_elements 0.38563
published_at 2026-06-11T12:55:00Z
2
value 0.00173
scoring_system epss
scoring_elements 0.38748
published_at 2026-06-14T12:55:00Z
3
value 0.00173
scoring_system epss
scoring_elements 0.38758
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-36885
2
reference_url https://github.com/jenkinsci/github-plugin
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/github-plugin
3
reference_url https://github.com/jenkinsci/github-plugin/commit/11d1d79ebf85248dc43432389746c1ecc3452b6a
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/github-plugin/commit/11d1d79ebf85248dc43432389746c1ecc3452b6a
4
reference_url https://github.com/jenkinsci/github-plugin/releases/tag/v1.34.5
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/github-plugin/releases/tag/v1.34.5
5
reference_url https://plugins.jenkins.io/github-issues
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://plugins.jenkins.io/github-issues
6
reference_url https://plugins.jenkins.io/github-issues/
reference_id
reference_type
scores
url https://plugins.jenkins.io/github-issues/
7
reference_url https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-1849
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-1849
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2119658
reference_id 2119658
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2119658
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-36885
reference_id CVE-2022-36885
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-36885
10
reference_url https://github.com/advisories/GHSA-mxcc-7h5m-x57r
reference_id GHSA-mxcc-7h5m-x57r
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mxcc-7h5m-x57r
11
reference_url https://access.redhat.com/errata/RHSA-2023:0017
reference_id RHSA-2023:0017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0017
12
reference_url https://access.redhat.com/errata/RHSA-2023:0560
reference_id RHSA-2023:0560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0560
13
reference_url https://access.redhat.com/errata/RHSA-2023:0777
reference_id RHSA-2023:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0777
fixed_packages
aliases CVE-2022-36885, GHSA-mxcc-7h5m-x57r
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wbwg-kc2b-4qhc
20
url VCID-xsy5-wuvz-juh6
vulnerability_id VCID-xsy5-wuvz-juh6
summary Jenkins Pipeline: Stage View Plugin 2.26 and earlier does not correctly encode the ID of 'input' steps when using it to generate URLs to proceed or abort Pipeline builds, allowing attackers able to configure Pipelines to specify 'input' step IDs resulting in URLs that would bypass the CSRF protection of any target URL in Jenkins.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43408.json
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43408.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-43408
reference_id
reference_type
scores
0
value 0.00016
scoring_system epss
scoring_elements 0.04112
published_at 2026-06-14T12:55:00Z
1
value 0.00016
scoring_system epss
scoring_elements 0.04103
published_at 2026-06-13T12:55:00Z
2
value 0.00016
scoring_system epss
scoring_elements 0.04113
published_at 2026-06-12T12:55:00Z
3
value 0.00016
scoring_system epss
scoring_elements 0.04095
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-43408
2
reference_url https://github.com/jenkinsci/pipeline-stage-view-plugin/commit/cee275109ee748fa9f599ec60159807a28a2933f
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/pipeline-stage-view-plugin/commit/cee275109ee748fa9f599ec60159807a28a2933f
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2136388
reference_id 2136388
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2136388
4
reference_url http://www.openwall.com/lists/oss-security/2022/10/19/3
reference_id 3
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T19:24:25Z/
url http://www.openwall.com/lists/oss-security/2022/10/19/3
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-43408
reference_id CVE-2022-43408
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-43408
6
reference_url https://github.com/advisories/GHSA-g975-f26h-93g8
reference_id GHSA-g975-f26h-93g8
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g975-f26h-93g8
7
reference_url https://access.redhat.com/errata/RHSA-2023:0560
reference_id RHSA-2023:0560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0560
8
reference_url https://access.redhat.com/errata/RHSA-2023:0777
reference_id RHSA-2023:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0777
9
reference_url https://access.redhat.com/errata/RHSA-2023:1064
reference_id RHSA-2023:1064
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1064
10
reference_url https://access.redhat.com/errata/RHSA-2023:3198
reference_id RHSA-2023:3198
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3198
11
reference_url https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2828
reference_id #SECURITY-2828
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-08T19:24:25Z/
url https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2828
fixed_packages
aliases CVE-2022-43408, GHSA-g975-f26h-93g8
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xsy5-wuvz-juh6
21
url VCID-yw72-1mwb-bqdc
vulnerability_id VCID-yw72-1mwb-bqdc
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30953.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-30953.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-30953
reference_id
reference_type
scores
0
value 0.00113
scoring_system epss
scoring_elements 0.2945
published_at 2026-06-11T12:55:00Z
1
value 0.00113
scoring_system epss
scoring_elements 0.29651
published_at 2026-06-12T12:55:00Z
2
value 0.00113
scoring_system epss
scoring_elements 0.29668
published_at 2026-06-13T12:55:00Z
3
value 0.00113
scoring_system epss
scoring_elements 0.29652
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-30953
2
reference_url https://github.com/jenkinsci/blueocean-plugin
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/blueocean-plugin
3
reference_url https://github.com/jenkinsci/blueocean-plugin/commit/9f44b895d018c514d5dccc1f2190a2a029e58259
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/blueocean-plugin/commit/9f44b895d018c514d5dccc1f2190a2a029e58259
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-30953
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-30953
5
reference_url https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.jenkins.io/security/advisory/2022-05-17/#SECURITY-2502
6
reference_url http://www.openwall.com/lists/oss-security/2022/05/17/8
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/05/17/8
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2119646
reference_id 2119646
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2119646
8
reference_url https://github.com/advisories/GHSA-hgpq-42pf-9vfq
reference_id GHSA-hgpq-42pf-9vfq
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hgpq-42pf-9vfq
9
reference_url https://access.redhat.com/errata/RHSA-2023:0017
reference_id RHSA-2023:0017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0017
10
reference_url https://access.redhat.com/errata/RHSA-2023:0560
reference_id RHSA-2023:0560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0560
11
reference_url https://access.redhat.com/errata/RHSA-2023:0777
reference_id RHSA-2023:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0777
12
reference_url https://access.redhat.com/errata/RHSA-2023:3198
reference_id RHSA-2023:3198
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3198
13
reference_url https://access.redhat.com/errata/RHSA-2023:3610
reference_id RHSA-2023:3610
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3610
14
reference_url https://access.redhat.com/errata/RHSA-2023:3622
reference_id RHSA-2023:3622
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3622
fixed_packages
aliases CVE-2022-30953, GHSA-hgpq-42pf-9vfq
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yw72-1mwb-bqdc
22
url VCID-zpc9-qmnr-ckga
vulnerability_id VCID-zpc9-qmnr-ckga
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1471.json
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-1471.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-1471
reference_id
reference_type
scores
0
value 0.93849
scoring_system epss
scoring_elements 0.99876
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-1471
2
reference_url https://bitbucket.org/snakeyaml/snakeyaml
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bitbucket.org/snakeyaml/snakeyaml
3
reference_url https://bitbucket.org/snakeyaml/snakeyaml/commits/5014df1a36f50aca54405bb8433bc99a8847f758
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bitbucket.org/snakeyaml/snakeyaml/commits/5014df1a36f50aca54405bb8433bc99a8847f758
4
reference_url https://bitbucket.org/snakeyaml/snakeyaml/commits/acc44099f5f4af26ff86b4e4e4cc1c874e2dc5c4
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bitbucket.org/snakeyaml/snakeyaml/commits/acc44099f5f4af26ff86b4e4e4cc1c874e2dc5c4
5
reference_url https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64634374
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64634374
6
reference_url https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64876314
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64876314
7
reference_url https://bitbucket.org/snakeyaml/snakeyaml/wiki/CVE-2022-1471
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bitbucket.org/snakeyaml/snakeyaml/wiki/CVE-2022-1471
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1471
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1471
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-1471
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-1471
11
reference_url https://security.netapp.com/advisory/ntap-20230818-0015
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20230818-0015
12
reference_url https://security.netapp.com/advisory/ntap-20240621-0006
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240621-0006
13
reference_url https://snyk.io/blog/unsafe-deserialization-snakeyaml-java-cve-2022-1471
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://snyk.io/blog/unsafe-deserialization-snakeyaml-java-cve-2022-1471
14
reference_url http://www.openwall.com/lists/oss-security/2023/11/19/1
reference_id 1
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/
url http://www.openwall.com/lists/oss-security/2023/11/19/1
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2150009
reference_id 2150009
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2150009
16
reference_url https://confluence.atlassian.com/security/cve-2022-1471-snakeyaml-library-rce-vulnerability-in-multiple-products-1296171009.html
reference_id cve-2022-1471-snakeyaml-library-rce-vulnerability-in-multiple-products-1296171009.html
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/
url https://confluence.atlassian.com/security/cve-2022-1471-snakeyaml-library-rce-vulnerability-in-multiple-products-1296171009.html
17
reference_url https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479
reference_id cve-2022-1471-vulnerability-in#comment-64581479
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/
url https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in#comment-64581479
18
reference_url https://infosecwriteups.com/%EF%B8%8F-inside-the-160-comment-fight-to-fix-snakeyamls-rce-default-1a20c5ca4d4c
reference_id %EF%B8%8F-inside-the-160-comment-fight-to-fix-snakeyamls-rce-default-1a20c5ca4d4c
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/
url https://infosecwriteups.com/%EF%B8%8F-inside-the-160-comment-fight-to-fix-snakeyamls-rce-default-1a20c5ca4d4c
19
reference_url https://github.com/advisories/GHSA-mjmj-j48q-9wg2
reference_id GHSA-mjmj-j48q-9wg2
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mjmj-j48q-9wg2
20
reference_url https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2
reference_id GHSA-mjmj-j48q-9wg2
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/
url https://github.com/google/security-research/security/advisories/GHSA-mjmj-j48q-9wg2
21
reference_url https://github.com/mbechler/marshalsec
reference_id marshalsec
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/
url https://github.com/mbechler/marshalsec
22
reference_url https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true
reference_id marshalsec.pdf?raw=true
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/
url https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true
23
reference_url https://groups.google.com/g/kubernetes-security-announce/c/mwrakFaEdnc
reference_id mwrakFaEdnc
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/
url https://groups.google.com/g/kubernetes-security-announce/c/mwrakFaEdnc
24
reference_url https://security.netapp.com/advisory/ntap-20230818-0015/
reference_id ntap-20230818-0015
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/
url https://security.netapp.com/advisory/ntap-20230818-0015/
25
reference_url https://security.netapp.com/advisory/ntap-20240621-0006/
reference_id ntap-20240621-0006
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/
url https://security.netapp.com/advisory/ntap-20240621-0006/
26
reference_url http://packetstormsecurity.com/files/175095/PyTorch-Model-Server-Registration-Deserialization-Remote-Code-Execution.html
reference_id PyTorch-Model-Server-Registration-Deserialization-Remote-Code-Execution.html
reference_type
scores
0
value 8.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-08-07T18:13:22Z/
url http://packetstormsecurity.com/files/175095/PyTorch-Model-Server-Registration-Deserialization-Remote-Code-Execution.html
27
reference_url https://access.redhat.com/errata/RHSA-2022:9032
reference_id RHSA-2022:9032
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9032
28
reference_url https://access.redhat.com/errata/RHSA-2022:9058
reference_id RHSA-2022:9058
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:9058
29
reference_url https://access.redhat.com/errata/RHSA-2023:0697
reference_id RHSA-2023:0697
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0697
30
reference_url https://access.redhat.com/errata/RHSA-2023:0758
reference_id RHSA-2023:0758
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0758
31
reference_url https://access.redhat.com/errata/RHSA-2023:0777
reference_id RHSA-2023:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0777
32
reference_url https://access.redhat.com/errata/RHSA-2023:1006
reference_id RHSA-2023:1006
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1006
33
reference_url https://access.redhat.com/errata/RHSA-2023:1043
reference_id RHSA-2023:1043
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1043
34
reference_url https://access.redhat.com/errata/RHSA-2023:1044
reference_id RHSA-2023:1044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1044
35
reference_url https://access.redhat.com/errata/RHSA-2023:1045
reference_id RHSA-2023:1045
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1045
36
reference_url https://access.redhat.com/errata/RHSA-2023:1047
reference_id RHSA-2023:1047
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1047
37
reference_url https://access.redhat.com/errata/RHSA-2023:1049
reference_id RHSA-2023:1049
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1049
38
reference_url https://access.redhat.com/errata/RHSA-2023:1512
reference_id RHSA-2023:1512
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1512
39
reference_url https://access.redhat.com/errata/RHSA-2023:1513
reference_id RHSA-2023:1513
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1513
40
reference_url https://access.redhat.com/errata/RHSA-2023:1514
reference_id RHSA-2023:1514
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1514
41
reference_url https://access.redhat.com/errata/RHSA-2023:1516
reference_id RHSA-2023:1516
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1516
42
reference_url https://access.redhat.com/errata/RHSA-2023:2097
reference_id RHSA-2023:2097
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2097
43
reference_url https://access.redhat.com/errata/RHSA-2023:3198
reference_id RHSA-2023:3198
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3198
44
reference_url https://access.redhat.com/errata/RHSA-2023:4612
reference_id RHSA-2023:4612
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4612
45
reference_url https://access.redhat.com/errata/RHSA-2023:5165
reference_id RHSA-2023:5165
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:5165
46
reference_url https://access.redhat.com/errata/RHSA-2023:6171
reference_id RHSA-2023:6171
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6171
47
reference_url https://access.redhat.com/errata/RHSA-2023:7697
reference_id RHSA-2023:7697
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:7697
48
reference_url https://access.redhat.com/errata/RHSA-2024:0325
reference_id RHSA-2024:0325
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0325
49
reference_url https://access.redhat.com/errata/RHSA-2024:0775
reference_id RHSA-2024:0775
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0775
50
reference_url https://access.redhat.com/errata/RHSA-2024:1353
reference_id RHSA-2024:1353
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:1353
51
reference_url https://access.redhat.com/errata/RHSA-2025:1746
reference_id RHSA-2025:1746
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1746
52
reference_url https://access.redhat.com/errata/RHSA-2025:1747
reference_id RHSA-2025:1747
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:1747
fixed_packages
aliases CVE-2022-1471, GHSA-mjmj-j48q-9wg2
risk_score 10.0
exploitability 2.0
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zpc9-qmnr-ckga
23
url VCID-zwkg-gh5x-t7a4
vulnerability_id VCID-zwkg-gh5x-t7a4
summary Jenkins Pipeline: Groovy Plugin allows sandbox protection bypass and arbitrary code execution
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43402.json
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-43402.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-43402
reference_id
reference_type
scores
0
value 0.00113
scoring_system epss
scoring_elements 0.29693
published_at 2026-06-12T12:55:00Z
1
value 0.00113
scoring_system epss
scoring_elements 0.29495
published_at 2026-06-11T12:55:00Z
2
value 0.00113
scoring_system epss
scoring_elements 0.29695
published_at 2026-06-14T12:55:00Z
3
value 0.00113
scoring_system epss
scoring_elements 0.29711
published_at 2026-06-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-43402
2
reference_url https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)
reference_id
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20(1)
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2136379
reference_id 2136379
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2136379
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-43402
reference_id CVE-2022-43402
reference_type
scores
0
value 9.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-43402
5
reference_url https://github.com/advisories/GHSA-mqc2-w9r8-mmxm
reference_id GHSA-mqc2-w9r8-mmxm
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mqc2-w9r8-mmxm
6
reference_url https://access.redhat.com/errata/RHSA-2023:0560
reference_id RHSA-2023:0560
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0560
7
reference_url https://access.redhat.com/errata/RHSA-2023:0777
reference_id RHSA-2023:0777
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0777
8
reference_url https://access.redhat.com/errata/RHSA-2023:1064
reference_id RHSA-2023:1064
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1064
9
reference_url https://access.redhat.com/errata/RHSA-2023:3198
reference_id RHSA-2023:3198
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3198
fixed_packages
aliases CVE-2022-43402, GHSA-mqc2-w9r8-mmxm
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zwkg-gh5x-t7a4
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins-2-plugins@4.9.1675668922-1%3Farch=el8