Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.533
Type maven
Namespace org.jenkins-ci.main
Name jenkins-core
Version 1.533
Qualifiers
Subpath
Is_vulnerable true
Next_non_vulnerable_version 1.551
Latest_non_vulnerable_version 2.555
Affected_by_vulnerabilities
0
url VCID-7p52-ttmr-ekf9
vulnerability_id VCID-7p52-ttmr-ekf9
summary
Jenkins allows attackers to execute arbitrary jobs
BuildTrigger in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to bypass access restrictions and execute arbitrary jobs by configuring a job to trigger another job. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-7330.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-2058
reference_id
reference_type
scores
0
value 0.00056
scoring_system epss
scoring_elements 0.17877
published_at 2026-06-09T12:55:00Z
1
value 0.00056
scoring_system epss
scoring_elements 0.17896
published_at 2026-06-04T12:55:00Z
2
value 0.00056
scoring_system epss
scoring_elements 0.17974
published_at 2026-06-05T12:55:00Z
3
value 0.00056
scoring_system epss
scoring_elements 0.17971
published_at 2026-06-06T12:55:00Z
4
value 0.00056
scoring_system epss
scoring_elements 0.17935
published_at 2026-06-07T12:55:00Z
5
value 0.00056
scoring_system epss
scoring_elements 0.17858
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-2058
1
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
2
reference_url https://github.com/jenkinsci/jenkins/commit/b6b2a367a7976be80a799c6a49fa6c58d778b50e
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/b6b2a367a7976be80a799c6a49fa6c58d778b50e
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-2058
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-2058
4
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14
5
reference_url http://www.openwall.com/lists/oss-security/2014/02/21/2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/02/21/2
6
reference_url https://github.com/advisories/GHSA-7fpg-pp3m-h22f
reference_id GHSA-7fpg-pp3m-h22f
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7fpg-pp3m-h22f
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
aliases CVE-2014-2058, GHSA-7fpg-pp3m-h22f
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7p52-ttmr-ekf9
1
url VCID-dyzn-kn37-9ub7
vulnerability_id VCID-dyzn-kn37-9ub7
summary
Jenkins cross-site scripting (XSS) vulnerability
Cross-site scripting (XSS) vulnerability in Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to inject arbitrary web script or HTML via the iconSize cookie.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2065.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2065.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-2065
reference_id
reference_type
scores
0
value 0.00137
scoring_system epss
scoring_elements 0.33453
published_at 2026-06-09T12:55:00Z
1
value 0.00137
scoring_system epss
scoring_elements 0.33382
published_at 2026-06-04T12:55:00Z
2
value 0.00137
scoring_system epss
scoring_elements 0.33484
published_at 2026-06-05T12:55:00Z
3
value 0.00137
scoring_system epss
scoring_elements 0.335
published_at 2026-06-06T12:55:00Z
4
value 0.00137
scoring_system epss
scoring_elements 0.33465
published_at 2026-06-07T12:55:00Z
5
value 0.00137
scoring_system epss
scoring_elements 0.33431
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-2065
2
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
3
reference_url https://github.com/jenkinsci/jenkins/commit/a0b00508eeb74d7033dc4100eb382df4e8fa72e7
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/a0b00508eeb74d7033dc4100eb382df4e8fa72e7
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-2065
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-2065
5
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14
6
reference_url http://www.openwall.com/lists/oss-security/2014/02/21/2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/02/21/2
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1067820
reference_id 1067820
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1067820
8
reference_url https://github.com/advisories/GHSA-fxj8-cqcp-3vgq
reference_id GHSA-fxj8-cqcp-3vgq
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fxj8-cqcp-3vgq
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
aliases CVE-2014-2065, GHSA-fxj8-cqcp-3vgq
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dyzn-kn37-9ub7
2
url VCID-gngu-jj3a-8fhk
vulnerability_id VCID-gngu-jj3a-8fhk
summary
Jenkins cross-site scripting (XSS) vulnerability
Cross-site scripting (XSS) vulnerability in java/hudson/model/Cause.java in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to inject arbitrary web script or HTML via a "remote cause note."
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2067.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2067.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-2067
reference_id
reference_type
scores
0
value 0.00109
scoring_system epss
scoring_elements 0.28822
published_at 2026-06-09T12:55:00Z
1
value 0.00109
scoring_system epss
scoring_elements 0.28848
published_at 2026-06-04T12:55:00Z
2
value 0.00109
scoring_system epss
scoring_elements 0.28919
published_at 2026-06-05T12:55:00Z
3
value 0.00109
scoring_system epss
scoring_elements 0.28883
published_at 2026-06-06T12:55:00Z
4
value 0.00109
scoring_system epss
scoring_elements 0.28847
published_at 2026-06-07T12:55:00Z
5
value 0.00109
scoring_system epss
scoring_elements 0.28812
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-2067
2
reference_url http://seclists.org/oss-sec/2014/q1/421
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2014/q1/421
3
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/91354
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/91354
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://github.com/jenkinsci/jenkins/commit/5d57c855f3147bfc5e7fda9252317b428a700014
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/5d57c855f3147bfc5e7fda9252317b428a700014
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-2067
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-2067
7
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1067832
reference_id 1067832
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1067832
9
reference_url https://github.com/advisories/GHSA-vj6q-v2h7-6q5m
reference_id GHSA-vj6q-v2h7-6q5m
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vj6q-v2h7-6q5m
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
aliases CVE-2014-2067, GHSA-vj6q-v2h7-6q5m
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gngu-jj3a-8fhk
3
url VCID-jrar-ahy7-4ud5
vulnerability_id VCID-jrar-ahy7-4ud5
summary
Jenkins directory traversal vulnerability
Directory traversal vulnerability in the CLI job creation (hudson/cli/CreateJobCommand.java) in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to overwrite arbitrary files via the job name.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2059.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2059.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-2059
reference_id
reference_type
scores
0
value 0.01968
scoring_system epss
scoring_elements 0.83881
published_at 2026-06-09T12:55:00Z
1
value 0.01968
scoring_system epss
scoring_elements 0.83854
published_at 2026-06-04T12:55:00Z
2
value 0.01968
scoring_system epss
scoring_elements 0.83877
published_at 2026-06-05T12:55:00Z
3
value 0.01968
scoring_system epss
scoring_elements 0.8388
published_at 2026-06-06T12:55:00Z
4
value 0.01968
scoring_system epss
scoring_elements 0.83875
published_at 2026-06-07T12:55:00Z
5
value 0.01968
scoring_system epss
scoring_elements 0.83866
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-2059
2
reference_url http://seclists.org/oss-sec/2014/q1/421
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2014/q1/421
3
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/91346
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://exchange.xforce.ibmcloud.com/vulnerabilities/91346
4
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
5
reference_url https://github.com/jenkinsci/jenkins/commit/ad38d8480f20ce3cbf8fec3e2003bc83efda4f7d
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/ad38d8480f20ce3cbf8fec3e2003bc83efda4f7d
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-2059
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-2059
7
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1067801
reference_id 1067801
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1067801
9
reference_url https://github.com/advisories/GHSA-v759-3fh9-84mx
reference_id GHSA-v759-3fh9-84mx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-v759-3fh9-84mx
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
aliases CVE-2014-2059, GHSA-v759-3fh9-84mx
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jrar-ahy7-4ud5
4
url VCID-k36j-f4b3-8bfj
vulnerability_id VCID-k36j-f4b3-8bfj
summary
Jenkins allows attackers to obtain passwords by reading the HTML source code
The input control in PasswordParameterDefinition in Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to obtain passwords by reading the HTML source code, related to the default value.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2061.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2061.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-2061
reference_id
reference_type
scores
0
value 0.00284
scoring_system epss
scoring_elements 0.52052
published_at 2026-06-09T12:55:00Z
1
value 0.00284
scoring_system epss
scoring_elements 0.52014
published_at 2026-06-04T12:55:00Z
2
value 0.00284
scoring_system epss
scoring_elements 0.52075
published_at 2026-06-05T12:55:00Z
3
value 0.00284
scoring_system epss
scoring_elements 0.52084
published_at 2026-06-06T12:55:00Z
4
value 0.00284
scoring_system epss
scoring_elements 0.52064
published_at 2026-06-07T12:55:00Z
5
value 0.00284
scoring_system epss
scoring_elements 0.52032
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-2061
2
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
3
reference_url https://github.com/jenkinsci/jenkins/commit/bf539198564a1108b7b71a973bf7de963a6213ef
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/bf539198564a1108b7b71a973bf7de963a6213ef
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-2061
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-2061
5
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14
6
reference_url http://www.openwall.com/lists/oss-security/2014/02/21/2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/02/21/2
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1067808
reference_id 1067808
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1067808
8
reference_url https://github.com/advisories/GHSA-rxfv-gm5x-9wqj
reference_id GHSA-rxfv-gm5x-9wqj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rxfv-gm5x-9wqj
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
aliases CVE-2014-2061, GHSA-rxfv-gm5x-9wqj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k36j-f4b3-8bfj
5
url VCID-pd5w-n7r7-b7g8
vulnerability_id VCID-pd5w-n7r7-b7g8
summary
Jenkins allows Remote Attackers to Hijack Sessions
The Winstone servlet container in Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to hijack sessions via unspecified vectors.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2060.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2060.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-2060
reference_id
reference_type
scores
0
value 0.00145
scoring_system epss
scoring_elements 0.34627
published_at 2026-06-05T12:55:00Z
1
value 0.00145
scoring_system epss
scoring_elements 0.34592
published_at 2026-06-09T12:55:00Z
2
value 0.00145
scoring_system epss
scoring_elements 0.34574
published_at 2026-06-08T12:55:00Z
3
value 0.00145
scoring_system epss
scoring_elements 0.34644
published_at 2026-06-06T12:55:00Z
4
value 0.00145
scoring_system epss
scoring_elements 0.34529
published_at 2026-06-04T12:55:00Z
5
value 0.00145
scoring_system epss
scoring_elements 0.34608
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-2060
2
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-2060
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-2060
4
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14
5
reference_url http://www.openwall.com/lists/oss-security/2014/02/21/2
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/02/21/2
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1067806
reference_id 1067806
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1067806
7
reference_url https://github.com/advisories/GHSA-9c26-cf8c-mw43
reference_id GHSA-9c26-cf8c-mw43
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9c26-cf8c-mw43
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
aliases CVE-2014-2060, GHSA-9c26-cf8c-mw43
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pd5w-n7r7-b7g8
6
url VCID-rczn-8mhg-r3gt
vulnerability_id VCID-rczn-8mhg-r3gt
summary
Jenkins allows attackers to determine whether a user exists
The loadUserByUsername function in hudson/security/HudsonPrivateSecurityRealm.java in Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to determine whether a user exists via vectors related to failed login attempts.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2064.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2064.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-2064
reference_id
reference_type
scores
0
value 0.00389
scoring_system epss
scoring_elements 0.60339
published_at 2026-06-09T12:55:00Z
1
value 0.00389
scoring_system epss
scoring_elements 0.60301
published_at 2026-06-04T12:55:00Z
2
value 0.00389
scoring_system epss
scoring_elements 0.60348
published_at 2026-06-05T12:55:00Z
3
value 0.00389
scoring_system epss
scoring_elements 0.60351
published_at 2026-06-06T12:55:00Z
4
value 0.00389
scoring_system epss
scoring_elements 0.60338
published_at 2026-06-07T12:55:00Z
5
value 0.00389
scoring_system epss
scoring_elements 0.60321
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-2064
2
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
3
reference_url https://github.com/jenkinsci/jenkins/commit/fbf96734470caba9364f04e0b77b0bae7293a1ec
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/fbf96734470caba9364f04e0b77b0bae7293a1ec
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-2064
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-2064
5
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14
6
reference_url http://www.openwall.com/lists/oss-security/2014/02/21/2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/02/21/2
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1067817
reference_id 1067817
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1067817
8
reference_url https://github.com/advisories/GHSA-9vg9-x38g-9hfx
reference_id GHSA-9vg9-x38g-9hfx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9vg9-x38g-9hfx
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
aliases CVE-2014-2064, GHSA-9vg9-x38g-9hfx
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rczn-8mhg-r3gt
7
url VCID-u5tc-wg7e-hugj
vulnerability_id VCID-u5tc-wg7e-hugj
summary
Jenkins Vulnerable to Clickjacking
Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to conduct clickjacking attacks via unspecified vectors.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2063.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2063.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-2063
reference_id
reference_type
scores
0
value 0.00428
scoring_system epss
scoring_elements 0.62837
published_at 2026-06-09T12:55:00Z
1
value 0.00428
scoring_system epss
scoring_elements 0.62823
published_at 2026-06-08T12:55:00Z
2
value 0.00428
scoring_system epss
scoring_elements 0.62794
published_at 2026-06-04T12:55:00Z
3
value 0.00428
scoring_system epss
scoring_elements 0.62836
published_at 2026-06-07T12:55:00Z
4
value 0.00428
scoring_system epss
scoring_elements 0.62846
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-2063
2
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
3
reference_url https://github.com/jenkinsci/jenkins/commit/16931bd7bf7560e26ef98328b8e95e803d0e90f6
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/16931bd7bf7560e26ef98328b8e95e803d0e90f6
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-2063
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-2063
5
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14
6
reference_url http://www.openwall.com/lists/oss-security/2014/02/21/2
reference_id
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/02/21/2
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1067812
reference_id 1067812
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1067812
8
reference_url https://github.com/advisories/GHSA-w3f5-gq7j-m797
reference_id GHSA-w3f5-gq7j-m797
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w3f5-gq7j-m797
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
aliases CVE-2014-2063, GHSA-w3f5-gq7j-m797
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u5tc-wg7e-hugj
8
url VCID-xazs-qswk-97hg
vulnerability_id VCID-xazs-qswk-97hg
summary
Jenkins session fixation vulnerability
Session fixation vulnerability in Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to hijack web sessions via vectors involving the "override" of Jenkins cookies.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2066.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2066.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-2066
reference_id
reference_type
scores
0
value 0.00138
scoring_system epss
scoring_elements 0.33647
published_at 2026-06-09T12:55:00Z
1
value 0.00138
scoring_system epss
scoring_elements 0.33578
published_at 2026-06-04T12:55:00Z
2
value 0.00138
scoring_system epss
scoring_elements 0.33679
published_at 2026-06-05T12:55:00Z
3
value 0.00138
scoring_system epss
scoring_elements 0.33693
published_at 2026-06-06T12:55:00Z
4
value 0.00138
scoring_system epss
scoring_elements 0.33659
published_at 2026-06-07T12:55:00Z
5
value 0.00138
scoring_system epss
scoring_elements 0.33625
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-2066
2
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
3
reference_url https://github.com/jenkinsci/jenkins/commit/8ac74c350779921598f9d5edfed39dd35de8842a
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/8ac74c350779921598f9d5edfed39dd35de8842a
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-2066
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-2066
5
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14
6
reference_url http://www.openwall.com/lists/oss-security/2014/02/21/2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/02/21/2
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1067827
reference_id 1067827
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1067827
8
reference_url https://github.com/advisories/GHSA-8jfx-h6q2-v4g3
reference_id GHSA-8jfx-h6q2-v4g3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8jfx-h6q2-v4g3
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
aliases CVE-2014-2066, GHSA-8jfx-h6q2-v4g3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xazs-qswk-97hg
9
url VCID-z5nz-eya3-ebez
vulnerability_id VCID-z5nz-eya3-ebez
summary
Jenkins allows attackers to obtain sensitive information
The doIndex function in hudson/util/RemotingDiagnostics.java in CloudBees Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users with the ADMINISTER permission to obtain sensitive information via vectors related to heapDump.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2068.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2068.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-2068
reference_id
reference_type
scores
0
value 0.00085
scoring_system epss
scoring_elements 0.24642
published_at 2026-06-09T12:55:00Z
1
value 0.00085
scoring_system epss
scoring_elements 0.24658
published_at 2026-06-04T12:55:00Z
2
value 0.00085
scoring_system epss
scoring_elements 0.24757
published_at 2026-06-05T12:55:00Z
3
value 0.00085
scoring_system epss
scoring_elements 0.24747
published_at 2026-06-06T12:55:00Z
4
value 0.00085
scoring_system epss
scoring_elements 0.24691
published_at 2026-06-07T12:55:00Z
5
value 0.00085
scoring_system epss
scoring_elements 0.24633
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-2068
2
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
3
reference_url https://github.com/jenkinsci/jenkins/commit/0530a6645aac10fec005614211660e98db44b5eb
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/0530a6645aac10fec005614211660e98db44b5eb
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-2068
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-2068
5
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14
6
reference_url http://www.openwall.com/lists/oss-security/2014/02/21/2
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/02/21/2
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1067835
reference_id 1067835
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1067835
8
reference_url https://github.com/advisories/GHSA-pv88-j6rg-r56p
reference_id GHSA-pv88-j6rg-r56p
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pv88-j6rg-r56p
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
aliases CVE-2014-2068, GHSA-pv88-j6rg-r56p
risk_score 1.4
exploitability 0.5
weighted_severity 2.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z5nz-eya3-ebez
10
url VCID-zwgz-acg7-sbh3
vulnerability_id VCID-zwgz-acg7-sbh3
summary
Jenkins does not invalidate the API token when a user is deleted
Jenkins before 1.551 and LTS before 1.532.2 does not invalidate the API token when a user is deleted, which allows remote authenticated users to retain access via the token.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2062.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-2062.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-2062
reference_id
reference_type
scores
0
value 0.00186
scoring_system epss
scoring_elements 0.40268
published_at 2026-06-09T12:55:00Z
1
value 0.00186
scoring_system epss
scoring_elements 0.40227
published_at 2026-06-04T12:55:00Z
2
value 0.00186
scoring_system epss
scoring_elements 0.40308
published_at 2026-06-05T12:55:00Z
3
value 0.00186
scoring_system epss
scoring_elements 0.40311
published_at 2026-06-06T12:55:00Z
4
value 0.00186
scoring_system epss
scoring_elements 0.40284
published_at 2026-06-07T12:55:00Z
5
value 0.00186
scoring_system epss
scoring_elements 0.40254
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-2062
2
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
3
reference_url https://github.com/jenkinsci/jenkins/commit/5548b5220cfd496831b5721124189ff18fbb12a3
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/5548b5220cfd496831b5721124189ff18fbb12a3
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-2062
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-2062
5
reference_url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14
6
reference_url http://www.openwall.com/lists/oss-security/2014/02/21/2
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/02/21/2
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1067811
reference_id 1067811
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1067811
8
reference_url https://github.com/advisories/GHSA-vxc6-wvh8-fpxw
reference_id GHSA-vxc6-wvh8-fpxw
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-vxc6-wvh8-fpxw
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.551
aliases CVE-2014-2062, GHSA-vxc6-wvh8-fpxw
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zwgz-acg7-sbh3
Fixing_vulnerabilities
Risk_score 3.1
Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.533