{"url":"http://public2.vulnerablecode.io/api/packages/347324?format=json","purl":"pkg:rpm/redhat/jenkins-2-plugins@4.1.1561471763-1?arch=el7","type":"rpm","namespace":"redhat","name":"jenkins-2-plugins","version":"4.1.1561471763-1","qualifiers":{"arch":"el7"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/309369?format=json","vulnerability_id":"VCID-7hb9-jjm1-r3gq","summary":"","references":[{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1636","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:1636"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10337.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10337.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10337","reference_id":"","reference_type":"","scores":[{"value":"0.00224","scoring_system":"epss","scoring_elements":"0.45213","published_at":"2026-06-11T12:55:00Z"},{"value":"0.00224","scoring_system":"epss","scoring_elements":"0.45363","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00224","scoring_system":"epss","scoring_elements":"0.45375","published_at":"2026-06-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10337"},{"reference_url":"https://github.com/jenkinsci/token-macro-plugin","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jenkinsci/token-macro-plugin"},{"reference_url":"https://github.com/jenkinsci/token-macro-plugin/commit/004319f1b6e2a0f097a096b9df9dc19a5ac0d9b0","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jenkinsci/token-macro-plugin/commit/004319f1b6e2a0f097a096b9df9dc19a5ac0d9b0"},{"reference_url":"https://jenkins.io/security/advisory/2019-06-11/#SECURITY-1399","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://jenkins.io/security/advisory/2019-06-11/#SECURITY-1399"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10337","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10337"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/06/11/1","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2019/06/11/1"},{"reference_url":"http://www.securityfocus.com/bid/108747","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/108747"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1719782","reference_id":"1719782","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1719782"},{"reference_url":"https://github.com/advisories/GHSA-g6h2-4x64-c59x","reference_id":"GHSA-g6h2-4x64-c59x","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-g6h2-4x64-c59x"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1851","reference_id":"RHSA-2019:1851","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:1851"}],"fixed_packages":[],"aliases":["CVE-2019-10337","GHSA-g6h2-4x64-c59x"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7hb9-jjm1-r3gq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/210587?format=json","vulnerability_id":"VCID-aypb-n5x1-s3hb","summary":"Unsafe entry in Script Security list of approved signatures in Pipeline Remote Loader Plugin","references":[{"reference_url":"https://access.redhat.com/errata/RHBA-2019:1605","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHBA-2019:1605"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1636","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:1636"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10328.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10328.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10328","reference_id":"","reference_type":"","scores":[{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50501","published_at":"2026-06-14T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50514","published_at":"2026-06-13T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50496","published_at":"2026-06-12T12:55:00Z"},{"value":"0.00266","scoring_system":"epss","scoring_elements":"0.50363","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10328"},{"reference_url":"https://github.com/jenkinsci/workflow-remote-loader-plugin","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jenkinsci/workflow-remote-loader-plugin"},{"reference_url":"https://github.com/jenkinsci/workflow-remote-loader-plugin/commit/6f9d60f614359720ec98e22b80ba15e8bf88e712","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jenkinsci/workflow-remote-loader-plugin/commit/6f9d60f614359720ec98e22b80ba15e8bf88e712"},{"reference_url":"https://jenkins.io/security/advisory/2019-05-31/#SECURITY-921","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://jenkins.io/security/advisory/2019-05-31/#SECURITY-921"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/05/31/2","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2019/05/31/2"},{"reference_url":"http://www.securityfocus.com/bid/108540","reference_id":"","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/108540"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1716794","reference_id":"1716794","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1716794"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10328","reference_id":"CVE-2019-10328","reference_type":"","scores":[{"value":"9.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H"},{"value":"CRITICAL","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10328"},{"reference_url":"https://github.com/advisories/GHSA-v558-fhw2-v46w","reference_id":"GHSA-v558-fhw2-v46w","reference_type":"","scores":[{"value":"CRITICAL","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-v558-fhw2-v46w"}],"fixed_packages":[],"aliases":["CVE-2019-10328","GHSA-v558-fhw2-v46w"],"risk_score":4.5,"exploitability":"0.5","weighted_severity":"9.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-aypb-n5x1-s3hb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/309362?format=json","vulnerability_id":"VCID-hbgg-4r96-4qax","summary":"","references":[{"reference_url":"https://access.redhat.com/errata/RHBA-2019:1605","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHBA-2019:1605"},{"reference_url":"https://access.redhat.com/errata/RHSA-2019:1636","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://access.redhat.com/errata/RHSA-2019:1636"},{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10320.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10320.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10320","reference_id":"","reference_type":"","scores":[{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.19113","published_at":"2026-06-11T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.19282","published_at":"2026-06-12T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.19303","published_at":"2026-06-13T12:55:00Z"},{"value":"0.0006","scoring_system":"epss","scoring_elements":"0.1928","published_at":"2026-06-14T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-10320"},{"reference_url":"http://seclists.org/fulldisclosure/2019/May/39","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://seclists.org/fulldisclosure/2019/May/39"},{"reference_url":"https://github.com/jenkinsci/credentials-plugin/commit/40d0b5cc53c265b601ffaa4469310fad390a80fb","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/jenkinsci/credentials-plugin/commit/40d0b5cc53c265b601ffaa4469310fad390a80fb"},{"reference_url":"https://jenkins.io/security/advisory/2019-05-21/#SECURITY-1322","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://jenkins.io/security/advisory/2019-05-21/#SECURITY-1322"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10320","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-10320"},{"reference_url":"https://wwws.nightwatchcybersecurity.com/2019/05/23/exploring-the-file-system-via-jenkins-credentials-plugin-vulnerability-cve-2019-10320","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://wwws.nightwatchcybersecurity.com/2019/05/23/exploring-the-file-system-via-jenkins-credentials-plugin-vulnerability-cve-2019-10320"},{"reference_url":"https://wwws.nightwatchcybersecurity.com/2019/05/23/exploring-the-file-system-via-jenkins-credentials-plugin-vulnerability-cve-2019-10320/","reference_id":"","reference_type":"","scores":[],"url":"https://wwws.nightwatchcybersecurity.com/2019/05/23/exploring-the-file-system-via-jenkins-credentials-plugin-vulnerability-cve-2019-10320/"},{"reference_url":"http://www.openwall.com/lists/oss-security/2019/05/21/1","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.openwall.com/lists/oss-security/2019/05/21/1"},{"reference_url":"http://www.securityfocus.com/bid/108462","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"},{"value":"MODERATE","scoring_system":"generic_textual","scoring_elements":""}],"url":"http://www.securityfocus.com/bid/108462"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1714054","reference_id":"1714054","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1714054"},{"reference_url":"https://github.com/advisories/GHSA-xm94-9jw8-p6hw","reference_id":"GHSA-xm94-9jw8-p6hw","reference_type":"","scores":[{"value":"MODERATE","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-xm94-9jw8-p6hw"}],"fixed_packages":[],"aliases":["CVE-2019-10320","GHSA-xm94-9jw8-p6hw"],"risk_score":3.1,"exploitability":"0.5","weighted_severity":"6.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hbgg-4r96-4qax"}],"fixing_vulnerabilities":[],"risk_score":"4.5","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins-2-plugins@4.1.1561471763-1%3Farch=el7"}