Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/54512?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/54512?format=api", "purl": "pkg:maven/org.jenkins-ci.main/jenkins-core@1.583", "type": "maven", "namespace": "org.jenkins-ci.main", "name": "jenkins-core", "version": "1.583", "qualifiers": {}, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": "1.586", "latest_non_vulnerable_version": "2.555", "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15470?format=api", "vulnerability_id": "VCID-1zas-w8w2-4ydr", "summary": "Jenkins Cross-site Scripting vulnerability\nCross-site scripting (XSS) vulnerability in Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2014:1630", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHBA-2014:1630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3681.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3681.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3681", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48123", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48243", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48199", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48181", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48191", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48139", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48057", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48133", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.4817", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.4819", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.4814", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48194", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48188", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48212", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48186", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48197", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00249", "scoring_system": "epss", "scoring_elements": "0.48248", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3681" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147766", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147766" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96975", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96975" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2014-3681", "reference_id": "CVE-2014-3681", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2014-3681" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3681", "reference_id": "CVE-2014-3681", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:N/C:N/I:P/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3681" }, { "reference_url": "https://github.com/advisories/GHSA-cwh9-f8m6-6r63", "reference_id": "GHSA-cwh9-f8m6-6r63", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-cwh9-f8m6-6r63" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54513?format=api", "purl": "pkg:maven/org.jenkins-ci.main/jenkins-core@1.565.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.565.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/54512?format=api", "purl": "pkg:maven/org.jenkins-ci.main/jenkins-core@1.583", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.583" } ], "aliases": [ "CVE-2014-3681", "GHSA-cwh9-f8m6-6r63" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1zas-w8w2-4ydr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55568?format=api", "vulnerability_id": "VCID-2vbv-gzfv-83ae", "summary": "Jenkins allows remote authenticated users to bypass intended restrictions and create or destroy arbitrary jobs\nJenkins before 1.583 and LTS before 1.565.3 allows remote authenticated users with the Job/CONFIGURE permission to bypass intended restrictions and create or destroy arbitrary jobs via unspecified vectors.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2014:1630", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHBA-2014:1630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3663.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3663.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2014-3663", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2014-3663" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3663", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20071", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20242", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.2012", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20115", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20083", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.19996", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20255", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20399", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20459", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20184", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20265", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20324", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20354", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20309", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.2025", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20239", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00065", "scoring_system": "epss", "scoring_elements": "0.20244", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3663" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147764", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147764" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3663", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:M/Au:S/C:P/I:P/A:P" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3663" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://github.com/advisories/GHSA-64mc-2m9p-23c8", "reference_id": "GHSA-64mc-2m9p-23c8", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-64mc-2m9p-23c8" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54513?format=api", "purl": "pkg:maven/org.jenkins-ci.main/jenkins-core@1.565.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.565.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/54512?format=api", "purl": "pkg:maven/org.jenkins-ci.main/jenkins-core@1.583", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.583" } ], "aliases": [ "CVE-2014-3663", "GHSA-64mc-2m9p-23c8" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2vbv-gzfv-83ae" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54856?format=api", "vulnerability_id": "VCID-6qdw-fvzm-4kdx", "summary": "Jenkins Exposure of Sensitive Information to an Unauthorized Actor vulnerability\nJenkins before 1.583 and LTS before 1.565.3 allows remote attackers to enumerate user names via vectors related to login attempts.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2014:1630", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHBA-2014:1630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3662.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3662.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2014-3662", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2014-3662" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3662", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28374", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28772", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.2866", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28548", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28475", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28316", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28869", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28946", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28996", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28803", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.2887", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28912", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28916", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28873", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28823", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28845", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00107", "scoring_system": "epss", "scoring_elements": "0.28822", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3662" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147759", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147759" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3662", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3662" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://github.com/advisories/GHSA-fxqr-px2m-fvc2", "reference_id": "GHSA-fxqr-px2m-fvc2", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fxqr-px2m-fvc2" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54513?format=api", "purl": "pkg:maven/org.jenkins-ci.main/jenkins-core@1.565.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.565.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/54512?format=api", "purl": "pkg:maven/org.jenkins-ci.main/jenkins-core@1.583", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.583" } ], "aliases": [ "CVE-2014-3662", "GHSA-fxqr-px2m-fvc2" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6qdw-fvzm-4kdx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57675?format=api", "vulnerability_id": "VCID-7p5d-b885-sycx", "summary": "Jenkins allows Remote Users to Obtain Sensitive Information from a Plugin Code\nJenkins before 1.583 and LTS before 1.565.3 does not properly prevent downloading of plugins, which allows remote authenticated users with the Overall/READ permission to obtain sensitive information by reading the plugin code.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2014:1630", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHBA-2014:1630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3667.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3667.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2014-3667", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2014-3667" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3667", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17414", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17168", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.1708", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17219", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17281", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17304", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17442", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17502", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17515", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17466", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17398", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17356", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17364", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17524", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17569", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.1735", "published_at": "2026-04-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3667" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147770", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147770" }, { "reference_url": "https://github.com/jenkinsci/jenkins", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/f0a29b562e14d837912c6b35fa4e81478563813a", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/f0a29b562e14d837912c6b35fa4e81478563813a" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3667", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:P/I:N/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3667" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://github.com/advisories/GHSA-5xm3-48v5-6h7v", "reference_id": "GHSA-5xm3-48v5-6h7v", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-5xm3-48v5-6h7v" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54513?format=api", "purl": "pkg:maven/org.jenkins-ci.main/jenkins-core@1.565.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.565.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/54512?format=api", "purl": "pkg:maven/org.jenkins-ci.main/jenkins-core@1.583", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.583" } ], "aliases": [ "CVE-2014-3667", "GHSA-5xm3-48v5-6h7v" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7p5d-b885-sycx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/57983?format=api", "vulnerability_id": "VCID-c43n-xyfr-aqbe", "summary": "Jenkins Path Traversal vulnerability\nDirectory traversal vulnerability in Jenkins before 1.583 and LTS before 1.565.3 allows remote authenticated users with the Overall/READ permission to read arbitrary files via unspecified vectors.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2014:1630", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHBA-2014:1630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3664.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3664.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2014-3664", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2014-3664" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3664", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.40924", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.41287", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.41185", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.41074", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.4107", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.40989", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.4085", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.41162", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.41254", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.41284", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.41208", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.41258", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.41266", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.41288", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.41256", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00193", "scoring_system": "epss", "scoring_elements": "0.41243", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3664" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147765", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147765" }, { "reference_url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96973", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96973" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3664", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:P/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3664" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://github.com/advisories/GHSA-3gp5-92h5-h855", "reference_id": "GHSA-3gp5-92h5-h855", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-3gp5-92h5-h855" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54513?format=api", "purl": "pkg:maven/org.jenkins-ci.main/jenkins-core@1.565.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.565.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/54512?format=api", "purl": "pkg:maven/org.jenkins-ci.main/jenkins-core@1.583", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.583" } ], "aliases": [ "CVE-2014-3664", "GHSA-3gp5-92h5-h855" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-c43n-xyfr-aqbe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/15933?format=api", "vulnerability_id": "VCID-r79s-gp2g-13b7", "summary": "Jenkins Denial of Service vulnerability\nCVE-2014-3661 jenkins: denial of service (SECURITY-87)", "references": [ { "reference_url": "https://access.redhat.com/errata/RHBA-2014:1630", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHBA-2014:1630" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3661.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3661.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3661", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.3606", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36456", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36227", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36197", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.3611", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.35992", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36422", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36595", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36628", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36465", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36516", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36536", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36543", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36508", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36485", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36528", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00157", "scoring_system": "epss", "scoring_elements": "0.36511", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3661" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147758", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147758" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2014-3661", "reference_id": "CVE-2014-3661", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2014-3661" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3661", "reference_id": "CVE-2014-3661", "reference_type": "", "scores": [ { "value": "5.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:N/A:P" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3661" }, { "reference_url": "https://github.com/advisories/GHSA-r5m2-g5gc-q43r", "reference_id": "GHSA-r5m2-g5gc-q43r", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-r5m2-g5gc-q43r" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54513?format=api", "purl": "pkg:maven/org.jenkins-ci.main/jenkins-core@1.565.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.565.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/54512?format=api", "purl": "pkg:maven/org.jenkins-ci.main/jenkins-core@1.583", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.583" } ], "aliases": [ "CVE-2014-3661", "GHSA-r5m2-g5gc-q43r" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-r79s-gp2g-13b7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/54602?format=api", "vulnerability_id": "VCID-u4qt-vmg8-tkez", "summary": "Jenkins Exposure of Sensitive Information to an Unauthorized Actor vulnerability\nJenkins before 1.583 and LTS before 1.565.3 allows remote authenticated users with the Job/READ permission to obtain the default value for the password field of a parameterized job by reading the DOM.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3680.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3680.json" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2014-3680", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/security/cve/CVE-2014-3680" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3680", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22439", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22618", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22464", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22454", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22452", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22353", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22596", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22771", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22815", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22605", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22681", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22731", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22751", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22713", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22655", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22671", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00075", "scoring_system": "epss", "scoring_elements": "0.22668", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3680" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1148645", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1148645" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3680", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.0", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:S/C:P/I:N/A:N" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3680" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01", "reference_id": "", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://github.com/advisories/GHSA-8x8p-mfwv-9fjw", "reference_id": "GHSA-8x8p-mfwv-9fjw", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-8x8p-mfwv-9fjw" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54513?format=api", "purl": "pkg:maven/org.jenkins-ci.main/jenkins-core@1.565.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.565.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/54512?format=api", "purl": "pkg:maven/org.jenkins-ci.main/jenkins-core@1.583", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.583" } ], "aliases": [ "CVE-2014-3680", "GHSA-8x8p-mfwv-9fjw" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u4qt-vmg8-tkez" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/55112?format=api", "vulnerability_id": "VCID-vznw-vuay-7bcg", "summary": "Jenkins allows for Code Execution via Crafted Packet to the CLI\nJenkins before 1.583 and LTS before 1.565.3 allows remote attackers to execute arbitrary code via a crafted packet to the CLI channel.", "references": [ { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0070", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://access.redhat.com/errata/RHSA-2016:0070" }, { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3666.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3666.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3666", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01213", "scoring_system": "epss", "scoring_elements": "0.79115", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.01213", "scoring_system": "epss", "scoring_elements": "0.79029", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01213", "scoring_system": "epss", "scoring_elements": "0.79013", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01213", "scoring_system": "epss", "scoring_elements": "0.79003", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01213", "scoring_system": "epss", "scoring_elements": "0.79031", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.01213", "scoring_system": "epss", "scoring_elements": "0.79028", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01213", "scoring_system": "epss", "scoring_elements": "0.79027", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.01213", "scoring_system": "epss", "scoring_elements": "0.7906", "published_at": "2026-04-24T12:55:00Z" }, { "value": "0.01213", "scoring_system": "epss", "scoring_elements": "0.79067", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.01213", "scoring_system": "epss", "scoring_elements": "0.79081", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.01213", "scoring_system": "epss", "scoring_elements": "0.79094", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.01213", "scoring_system": "epss", "scoring_elements": "0.78956", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.01213", "scoring_system": "epss", "scoring_elements": "0.78962", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01213", "scoring_system": "epss", "scoring_elements": "0.78989", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01213", "scoring_system": "epss", "scoring_elements": "0.78974", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01213", "scoring_system": "epss", "scoring_elements": "0.78998", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01213", "scoring_system": "epss", "scoring_elements": "0.79005", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3666" }, { "reference_url": "https://github.com/jenkinsci/jenkins", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins" }, { "reference_url": "https://github.com/jenkinsci/jenkins/commit/be195b0e19343bff6d966029d8eea99b2c039c32", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://github.com/jenkinsci/jenkins/commit/be195b0e19343bff6d966029d8eea99b2c039c32" }, { "reference_url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3666", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:P/I:P/A:P" }, { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://nvd.nist.gov/vuln/detail/CVE-2014-3666" }, { "reference_url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.9", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:L" }, { "value": "MODERATE", "scoring_system": "generic_textual", "scoring_elements": "" } ], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-10-01" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147769", "reference_id": "1147769", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1147769" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", "reference_id": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "reference_id": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*", "reference_id": "cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*" }, { "reference_url": "https://github.com/advisories/GHSA-fvfh-8mj3-23xj", "reference_id": "GHSA-fvfh-8mj3-23xj", "reference_type": "", "scores": [ { "value": "MODERATE", "scoring_system": "cvssv3.1_qr", "scoring_elements": "" } ], "url": "https://github.com/advisories/GHSA-fvfh-8mj3-23xj" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/54513?format=api", "purl": "pkg:maven/org.jenkins-ci.main/jenkins-core@1.565.3", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.565.3" }, { "url": "http://public2.vulnerablecode.io/api/packages/54512?format=api", "purl": "pkg:maven/org.jenkins-ci.main/jenkins-core@1.583", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.583" } ], "aliases": [ "CVE-2014-3666", "GHSA-fvfh-8mj3-23xj" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vznw-vuay-7bcg" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.583" }