Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.jenkins-ci.main/jenkins-core@2.73.1
Typemaven
Namespaceorg.jenkins-ci.main
Namejenkins-core
Version2.73.1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.84
Latest_non_vulnerable_version2.551
Affected_by_vulnerabilities
0
url VCID-32pa-nzy7-v7ap
vulnerability_id VCID-32pa-nzy7-v7ap
summary 
Improper Input Validation
The Jenkins default form control for passwords and other secrets, `<f:password/>`, supports form validation. The form validation AJAX requests were sent via GET, which could result in secrets being logged to an HTTP access log in non-default configurations of Jenkins, and made available to users with access to these log files.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000401
reference_id
reference_type
scores
0
value 0.00039
scoring_system epss
scoring_elements 0.11898
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000401
1
reference_url https://github.com/jenkinsci/jenkins/blob/6d179998e18adfbaa4e443c7e837135bf36c53d7/test/src/test/java/lib/form/PasswordTest.java
reference_id
reference_type
scores
0
value 2.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/blob/6d179998e18adfbaa4e443c7e837135bf36c53d7/test/src/test/java/lib/form/PasswordTest.java
2
reference_url https://github.com/jenkinsci/jenkins/commit/09d60462b9edf775f08568601bb3e2cfd8075368
reference_id
reference_type
scores
0
value 2.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/09d60462b9edf775f08568601bb3e2cfd8075368
3
reference_url https://jenkins.io/security/advisory/2017-10-11
reference_id
reference_type
scores
0
value 2.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://jenkins.io/security/advisory/2017-10-11
4
reference_url https://jenkins.io/security/advisory/2017-10-11/
reference_id
reference_type
scores
url https://jenkins.io/security/advisory/2017-10-11/
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-1000401
reference_id CVE-2017-1000401
reference_type
scores
0
value 2.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-1000401
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.73.2
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.73.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ejbv-1vm8-gye4
1
vulnerability VCID-xng4-z3mv-r7ec
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.73.2
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.84
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.84
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.84
2
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.86
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.86
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.86
aliases CVE-2017-1000401, GHSA-h8c5-c92g-jq6x
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-32pa-nzy7-v7ap
1
url VCID-d43t-b3f6-4qh6
vulnerability_id VCID-d43t-b3f6-4qh6
summary 
Information Exposure
The Jenkins remote API at `/queue/item/(ID)/api` showed information about tasks in the queue (typically builds waiting to start). This included information about tasks that the current user otherwise has no access.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000399
reference_id
reference_type
scores
0
value 0.00275
scoring_system epss
scoring_elements 0.51153
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000399
1
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
2
reference_url https://github.com/jenkinsci/jenkins/blob/6d179998e18adfbaa4e443c7e837135bf36c53d7/test/src/test/java/hudson/model/QueueTest.java
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/blob/6d179998e18adfbaa4e443c7e837135bf36c53d7/test/src/test/java/hudson/model/QueueTest.java
3
reference_url https://github.com/jenkinsci/jenkins/commit/3ff432ace14d8f4544c88a179a2f7a962eb98ba6
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/3ff432ace14d8f4544c88a179a2f7a962eb98ba6
4
reference_url https://jenkins.io/security/advisory/2017-10-11
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jenkins.io/security/advisory/2017-10-11
5
reference_url https://jenkins.io/security/advisory/2017-10-11/
reference_id
reference_type
scores
url https://jenkins.io/security/advisory/2017-10-11/
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-1000399
reference_id CVE-2017-1000399
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-1000399
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.73.2
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.73.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ejbv-1vm8-gye4
1
vulnerability VCID-xng4-z3mv-r7ec
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.73.2
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.84
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.84
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.84
2
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.86
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.86
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.86
aliases CVE-2017-1000399, GHSA-g78x-xmv8-23xp
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d43t-b3f6-4qh6
2
url VCID-hkq2-zykf-kugj
vulnerability_id VCID-hkq2-zykf-kugj
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000393
reference_id
reference_type
scores
0
value 0.01303
scoring_system epss
scoring_elements 0.80075
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000393
1
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
2
reference_url https://github.com/jenkinsci/jenkins/commit/67f68c181033cbabf2075769e0f846f58c226c08
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/67f68c181033cbabf2075769e0f846f58c226c08
3
reference_url https://github.com/jenkinsci/jenkins/commit/d7ea3f40efedd50541a57b943d5f7bbed046d091
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/d7ea3f40efedd50541a57b943d5f7bbed046d091
4
reference_url https://jenkins.io/security/advisory/2017-10-11
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://jenkins.io/security/advisory/2017-10-11
5
reference_url https://jenkins.io/security/advisory/2017-10-11/
reference_id
reference_type
scores
url https://jenkins.io/security/advisory/2017-10-11/
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-1000393
reference_id CVE-2017-1000393
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-1000393
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.73.2
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.73.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ejbv-1vm8-gye4
1
vulnerability VCID-xng4-z3mv-r7ec
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.73.2
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.84
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.84
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.84
2
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.86
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.86
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.86
aliases CVE-2017-1000393, GHSA-j472-mcq2-95p6
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hkq2-zykf-kugj
3
url VCID-j6v8-fjp5-m7ds
vulnerability_id VCID-j6v8-fjp5-m7ds
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000398
reference_id
reference_type
scores
0
value 0.00188
scoring_system epss
scoring_elements 0.4049
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000398
1
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
2
reference_url https://github.com/jenkinsci/jenkins/blob/e27b310065b3c036b5fc9d123f1d1d99d3058c00/test/src/test/java/hudson/model/ExecutorTest.java
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/blob/e27b310065b3c036b5fc9d123f1d1d99d3058c00/test/src/test/java/hudson/model/ExecutorTest.java
3
reference_url https://github.com/jenkinsci/jenkins/commit/da06fd471cea79123821c778228eeb08e1cedcc7
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/da06fd471cea79123821c778228eeb08e1cedcc7
4
reference_url https://jenkins.io/security/advisory/2017-10-11
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jenkins.io/security/advisory/2017-10-11
5
reference_url https://jenkins.io/security/advisory/2017-10-11/
reference_id
reference_type
scores
url https://jenkins.io/security/advisory/2017-10-11/
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-1000398
reference_id CVE-2017-1000398
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-1000398
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.73.2
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.73.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ejbv-1vm8-gye4
1
vulnerability VCID-xng4-z3mv-r7ec
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.73.2
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.84
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.84
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.84
2
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.86
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.86
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.86
aliases CVE-2017-1000398, GHSA-h972-cwjv-2v39
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j6v8-fjp5-m7ds
4
url VCID-j9fd-bscd-dudw
vulnerability_id VCID-j9fd-bscd-dudw
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000400
reference_id
reference_type
scores
0
value 0.00112
scoring_system epss
scoring_elements 0.29312
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000400
1
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
2
reference_url https://github.com/jenkinsci/jenkins/blob/6d179998e18adfbaa4e443c7e837135bf36c53d7/test/src/test/java/hudson/model/AbstractProjectTest.java
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/blob/6d179998e18adfbaa4e443c7e837135bf36c53d7/test/src/test/java/hudson/model/AbstractProjectTest.java
3
reference_url https://github.com/jenkinsci/jenkins/commit/b2083a387a5bdb6f7ee7f7c81a1f6312aca2a558
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/b2083a387a5bdb6f7ee7f7c81a1f6312aca2a558
4
reference_url https://jenkins.io/security/advisory/2017-10-11
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jenkins.io/security/advisory/2017-10-11
5
reference_url https://jenkins.io/security/advisory/2017-10-11/
reference_id
reference_type
scores
url https://jenkins.io/security/advisory/2017-10-11/
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-1000400
reference_id CVE-2017-1000400
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-1000400
7
reference_url https://github.com/advisories/GHSA-p8x8-p473-mmmv
reference_id GHSA-p8x8-p473-mmmv
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-p8x8-p473-mmmv
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.73.2
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.73.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ejbv-1vm8-gye4
1
vulnerability VCID-xng4-z3mv-r7ec
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.73.2
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.84
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.84
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.84
2
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.86
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.86
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.86
aliases CVE-2017-1000400, GHSA-p8x8-p473-mmmv
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j9fd-bscd-dudw
5
url VCID-numr-pkmf-nqhf
vulnerability_id VCID-numr-pkmf-nqhf
summary 
Improper Certificate Validation
Jenkins bundled a version of the commons-httpclient library that incorrectly verified SSL certificates, making it susceptible to man-in-the-middle attacks.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000396
reference_id
reference_type
scores
0
value 0.0004
scoring_system epss
scoring_elements 0.12583
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000396
1
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
2
reference_url https://github.com/jenkinsci/jenkins/commit/fe77d1c3dbf91ddf2a9f8e5ed882611455ab00d0
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/fe77d1c3dbf91ddf2a9f8e5ed882611455ab00d0
3
reference_url https://jenkins.io/security/advisory/2017-10-11
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jenkins.io/security/advisory/2017-10-11
4
reference_url https://jenkins.io/security/advisory/2017-10-11/
reference_id
reference_type
scores
url https://jenkins.io/security/advisory/2017-10-11/
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-1000396
reference_id CVE-2017-1000396
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-1000396
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.73.2
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.73.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ejbv-1vm8-gye4
1
vulnerability VCID-xng4-z3mv-r7ec
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.73.2
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.84
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.84
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.84
2
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.86
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.86
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.86
aliases CVE-2017-1000396, GHSA-fq9f-9wv9-rfmg
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-numr-pkmf-nqhf
6
url VCID-qq9u-naap-zyfp
vulnerability_id VCID-qq9u-naap-zyfp
summary 
Improper Input Validation
Jenkins bundles a version of the commons-fileupload library with a denial-of-service vulnerability.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000394
reference_id
reference_type
scores
0
value 0.005
scoring_system epss
scoring_elements 0.66252
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000394
1
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
2
reference_url https://github.com/jenkinsci/jenkins/commit/ea981a029cb985b71f3a0dc0f9ce3b3e3e6c001b
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/ea981a029cb985b71f3a0dc0f9ce3b3e3e6c001b
3
reference_url https://jenkins.io/security/advisory/2017-10-11
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://jenkins.io/security/advisory/2017-10-11
4
reference_url https://jenkins.io/security/advisory/2017-10-11/
reference_id
reference_type
scores
url https://jenkins.io/security/advisory/2017-10-11/
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-1000394
reference_id CVE-2017-1000394
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-1000394
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.73.2
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.73.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ejbv-1vm8-gye4
1
vulnerability VCID-xng4-z3mv-r7ec
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.73.2
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.84
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.84
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.84
2
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.86
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.86
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.86
aliases CVE-2017-1000394, GHSA-f7f6-xrwc-9c57
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qq9u-naap-zyfp
7
url VCID-v7cw-mt1y-1ydw
vulnerability_id VCID-v7cw-mt1y-1ydw
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000395
reference_id
reference_type
scores
0
value 0.00107
scoring_system epss
scoring_elements 0.28521
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000395
1
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins
2
reference_url https://github.com/jenkinsci/jenkins/commit/7b1f8e96a8d97dd09e5e093fcdb010b3295acc77
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/7b1f8e96a8d97dd09e5e093fcdb010b3295acc77
3
reference_url https://jenkins.io/security/advisory/2017-10-11
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jenkins.io/security/advisory/2017-10-11
4
reference_url https://jenkins.io/security/advisory/2017-10-11/
reference_id
reference_type
scores
url https://jenkins.io/security/advisory/2017-10-11/
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-1000395
reference_id CVE-2017-1000395
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-1000395
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.73.2
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.73.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ejbv-1vm8-gye4
1
vulnerability VCID-xng4-z3mv-r7ec
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.73.2
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.84
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.84
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.84
2
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.86
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.86
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.86
aliases CVE-2017-1000395, GHSA-wqv4-9gr3-3qgh
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v7cw-mt1y-1ydw
Fixing_vulnerabilities
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.73.1