Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:apk/alpine/jenkins@2.245-r0?arch=s390x&distroversion=v3.12&reponame=community

Type apk

Namespace alpine

Name jenkins

Version 2.245-r0

Qualifiers

arch	s390x
distroversion	v3.12
reponame	community

Subpath

Is_vulnerable false

Next_non_vulnerable_version 2.275-r0

Latest_non_vulnerable_version 2.319.3-r0

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-he3v-ysf3-zkb8

vulnerability_id VCID-he3v-ysf3-zkb8

summary

Stored XSS vulnerability in Jenkins console links
Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape the `href` attribute of links to downstream jobs displayed in the build console page. This results in a stored cross-site scripting (XSS) vulnerability exploitable by users with Job/Configure permission.

Jenkins 2.245, LTS 2.235.2 escapes the `href` attribute of these links.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-2223.json

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-2223.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-2223

reference_id

reference_type

scores

value	0.00513
scoring_system	epss
scoring_elements	0.66559
published_at	2026-04-29T12:55:00Z

value	0.00513
scoring_system	epss
scoring_elements	0.66558
published_at	2026-04-26T12:55:00Z

value	0.00513
scoring_system	epss
scoring_elements	0.66542
published_at	2026-04-24T12:55:00Z

value	0.00513
scoring_system	epss
scoring_elements	0.66518
published_at	2026-04-21T12:55:00Z

value	0.00513
scoring_system	epss
scoring_elements	0.66533
published_at	2026-04-18T12:55:00Z

value	0.00513
scoring_system	epss
scoring_elements	0.66515
published_at	2026-04-16T12:55:00Z

value	0.00513
scoring_system	epss
scoring_elements	0.6648
published_at	2026-04-13T12:55:00Z

value	0.00513
scoring_system	epss
scoring_elements	0.66511
published_at	2026-04-12T12:55:00Z

value	0.00513
scoring_system	epss
scoring_elements	0.66524
published_at	2026-04-11T12:55:00Z

value	0.00513
scoring_system	epss
scoring_elements	0.66405
published_at	2026-04-01T12:55:00Z

value	0.00513
scoring_system	epss
scoring_elements	0.66444
published_at	2026-04-02T12:55:00Z

value	0.00513
scoring_system	epss
scoring_elements	0.66504
published_at	2026-04-09T12:55:00Z

value	0.00513
scoring_system	epss
scoring_elements	0.66471
published_at	2026-04-04T12:55:00Z

value	0.00513
scoring_system	epss
scoring_elements	0.6649
published_at	2026-04-08T12:55:00Z

value	0.00513
scoring_system	epss
scoring_elements	0.66442
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-2223

reference_url

https://github.com/jenkinsci/jenkins

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/jenkinsci/jenkins

reference_url

https://github.com/jenkinsci/jenkins/commit/11f4a351224ef04cfeb9c7636fb1590b67543f3c

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/jenkinsci/jenkins/commit/11f4a351224ef04cfeb9c7636fb1590b67543f3c

reference_url

https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1945

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1945

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-2223

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-2223

reference_url

http://www.openwall.com/lists/oss-security/2020/07/15/5

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2020/07/15/5

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1857433
reference_id	1857433
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1857433

reference_url

https://github.com/advisories/GHSA-gfhj-524q-gcrm

reference_id

GHSA-gfhj-524q-gcrm

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-gfhj-524q-gcrm

reference_url	https://access.redhat.com/errata/RHSA-2020:3519
reference_id	RHSA-2020:3519
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3519

reference_url	https://access.redhat.com/errata/RHSA-2020:3541
reference_id	RHSA-2020:3541
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3541

reference_url	https://access.redhat.com/errata/RHSA-2020:3808
reference_id	RHSA-2020:3808
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3808

fixed_packages

url	pkg:apk/alpine/jenkins@2.245-r0?arch=s390x&distroversion=v3.12&reponame=community
purl	pkg:apk/alpine/jenkins@2.245-r0?arch=s390x&distroversion=v3.12&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/jenkins@2.245-r0%3Farch=s390x&distroversion=v3.12&reponame=community

aliases CVE-2020-2223, GHSA-gfhj-524q-gcrm

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-he3v-ysf3-zkb8

url VCID-kusb-1k76-a3ck

vulnerability_id VCID-kusb-1k76-a3ck

summary

Stored XSS vulnerability in Jenkins job build time trend
Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape the agent name in the build time trend page, resulting in a stored cross-site scripting vulnerability.

Jenkins 2.245, LTS 2.235.2 escapes the agent name.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-2220.json

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-2220.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-2220

reference_id

reference_type

scores

value	0.00419
scoring_system	epss
scoring_elements	0.61907
published_at	2026-04-29T12:55:00Z

value	0.00419
scoring_system	epss
scoring_elements	0.61816
published_at	2026-04-07T12:55:00Z

value	0.00419
scoring_system	epss
scoring_elements	0.61846
published_at	2026-04-04T12:55:00Z

value	0.00419
scoring_system	epss
scoring_elements	0.61865
published_at	2026-04-08T12:55:00Z

value	0.00419
scoring_system	epss
scoring_elements	0.61881
published_at	2026-04-09T12:55:00Z

value	0.00419
scoring_system	epss
scoring_elements	0.61902
published_at	2026-04-21T12:55:00Z

value	0.00419
scoring_system	epss
scoring_elements	0.6189
published_at	2026-04-12T12:55:00Z

value	0.00419
scoring_system	epss
scoring_elements	0.6187
published_at	2026-04-13T12:55:00Z

value	0.00419
scoring_system	epss
scoring_elements	0.61913
published_at	2026-04-16T12:55:00Z

value	0.00419
scoring_system	epss
scoring_elements	0.61918
published_at	2026-04-18T12:55:00Z

value	0.00419
scoring_system	epss
scoring_elements	0.61897
published_at	2026-04-24T12:55:00Z

value	0.00419
scoring_system	epss
scoring_elements	0.61915
published_at	2026-04-26T12:55:00Z

value	0.00419
scoring_system	epss
scoring_elements	0.61742
published_at	2026-04-01T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-2220

reference_url

https://github.com/jenkinsci/jenkins

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/jenkinsci/jenkins

reference_url

https://github.com/jenkinsci/jenkins/commit/b43531acee280dedc3ea454a2fc5a1a42990ddda

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/jenkinsci/jenkins/commit/b43531acee280dedc3ea454a2fc5a1a42990ddda

reference_url

https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1868

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1868

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-2220

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-2220

reference_url

http://www.openwall.com/lists/oss-security/2020/07/15/5

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2020/07/15/5

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1857425
reference_id	1857425
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1857425

reference_url

https://github.com/advisories/GHSA-qgj4-rc8m-44mq

reference_id

GHSA-qgj4-rc8m-44mq

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-qgj4-rc8m-44mq

reference_url	https://access.redhat.com/errata/RHSA-2020:3519
reference_id	RHSA-2020:3519
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3519

reference_url	https://access.redhat.com/errata/RHSA-2020:3541
reference_id	RHSA-2020:3541
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3541

reference_url	https://access.redhat.com/errata/RHSA-2020:3808
reference_id	RHSA-2020:3808
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3808

fixed_packages

url	pkg:apk/alpine/jenkins@2.245-r0?arch=s390x&distroversion=v3.12&reponame=community
purl	pkg:apk/alpine/jenkins@2.245-r0?arch=s390x&distroversion=v3.12&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/jenkins@2.245-r0%3Farch=s390x&distroversion=v3.12&reponame=community

aliases CVE-2020-2220, GHSA-qgj4-rc8m-44mq

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kusb-1k76-a3ck

url VCID-nqxw-x7ea-aqew

vulnerability_id VCID-nqxw-x7ea-aqew

summary

Stored XSS vulnerability in Jenkins upstream cause
Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape the upstream job's display name shown as part of a build cause, resulting in a stored cross-site scripting vulnerability.

Jenkins 2.245, LTS 2.235.2 escapes the job display name.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-2221.json

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-2221.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-2221

reference_id

reference_type

scores

value	0.00524
scoring_system	epss
scoring_elements	0.66999
published_at	2026-04-29T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.67
published_at	2026-04-26T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66988
published_at	2026-04-24T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66966
published_at	2026-04-21T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66984
published_at	2026-04-18T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.6697
published_at	2026-04-16T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66936
published_at	2026-04-13T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66968
published_at	2026-04-12T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66982
published_at	2026-04-11T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66863
published_at	2026-04-01T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.669
published_at	2026-04-07T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66962
published_at	2026-04-09T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66949
published_at	2026-04-08T12:55:00Z

value	0.00524
scoring_system	epss
scoring_elements	0.66927
published_at	2026-04-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-2221

reference_url

https://github.com/jenkinsci/jenkins

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/jenkinsci/jenkins

reference_url

https://github.com/jenkinsci/jenkins/commit/f6e575381bdba85afaf27c529d7298091f226e49

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/jenkinsci/jenkins/commit/f6e575381bdba85afaf27c529d7298091f226e49

reference_url

https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1901

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1901

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-2221

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-2221

reference_url

http://www.openwall.com/lists/oss-security/2020/07/15/5

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2020/07/15/5

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1857427
reference_id	1857427
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1857427

reference_url

https://github.com/advisories/GHSA-g4j6-m3m3-crw8

reference_id

GHSA-g4j6-m3m3-crw8

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-g4j6-m3m3-crw8

reference_url	https://access.redhat.com/errata/RHSA-2020:3519
reference_id	RHSA-2020:3519
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3519

reference_url	https://access.redhat.com/errata/RHSA-2020:3541
reference_id	RHSA-2020:3541
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3541

reference_url	https://access.redhat.com/errata/RHSA-2020:3808
reference_id	RHSA-2020:3808
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3808

fixed_packages

url	pkg:apk/alpine/jenkins@2.245-r0?arch=s390x&distroversion=v3.12&reponame=community
purl	pkg:apk/alpine/jenkins@2.245-r0?arch=s390x&distroversion=v3.12&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/jenkins@2.245-r0%3Farch=s390x&distroversion=v3.12&reponame=community

aliases CVE-2020-2221, GHSA-g4j6-m3m3-crw8

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nqxw-x7ea-aqew

url VCID-v5aw-ffxe-ckdv

vulnerability_id VCID-v5aw-ffxe-ckdv

summary

Stored XSS vulnerability in Jenkins 'keep forever' badge icon
Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape the job name in the 'Keep this build forever' badge tooltip. This results in a stored cross-site scripting (XSS) vulnerability exploitable by users able to configure job names.

As job names do not generally support the character set needed for XSS, this is believed to be difficult to exploit in common configurations.

Jenkins 2.245, LTS 2.235.2 escapes the job name in the 'Keep this build forever' badge tooltip.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-2222.json

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-2222.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2020-2222

reference_id

reference_type

scores

value	0.00519
scoring_system	epss
scoring_elements	0.6687
published_at	2026-04-29T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66873
published_at	2026-04-26T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.6686
published_at	2026-04-24T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66835
published_at	2026-04-21T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66852
published_at	2026-04-18T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66838
published_at	2026-04-16T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66805
published_at	2026-04-13T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66837
published_at	2026-04-12T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66851
published_at	2026-04-11T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66731
published_at	2026-04-01T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.6677
published_at	2026-04-02T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66831
published_at	2026-04-09T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66795
published_at	2026-04-04T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66816
published_at	2026-04-08T12:55:00Z

value	0.00519
scoring_system	epss
scoring_elements	0.66767
published_at	2026-04-07T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2020-2222

reference_url

https://github.com/jenkinsci/jenkins

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/jenkinsci/jenkins

reference_url

https://github.com/jenkinsci/jenkins/commit/e7443ef2ef255253231f3f1db0034fae39f0cba5

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://github.com/jenkinsci/jenkins/commit/e7443ef2ef255253231f3f1db0034fae39f0cba5

reference_url

https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1902

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://jenkins.io/security/advisory/2020-07-15/#SECURITY-1902

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2020-2222

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2020-2222

reference_url

http://www.openwall.com/lists/oss-security/2020/07/15/5

reference_id

reference_type

scores

value	8.0
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	HIGH
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2020/07/15/5

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=1857431
reference_id	1857431
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=1857431

reference_url

https://github.com/advisories/GHSA-864v-5q2g-fr64

reference_id

GHSA-864v-5q2g-fr64

reference_type

scores

value	HIGH
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-864v-5q2g-fr64

reference_url	https://access.redhat.com/errata/RHSA-2020:3519
reference_id	RHSA-2020:3519
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3519

reference_url	https://access.redhat.com/errata/RHSA-2020:3541
reference_id	RHSA-2020:3541
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3541

reference_url	https://access.redhat.com/errata/RHSA-2020:3808
reference_id	RHSA-2020:3808
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2020:3808

fixed_packages

url	pkg:apk/alpine/jenkins@2.245-r0?arch=s390x&distroversion=v3.12&reponame=community
purl	pkg:apk/alpine/jenkins@2.245-r0?arch=s390x&distroversion=v3.12&reponame=community
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:apk/alpine/jenkins@2.245-r0%3Farch=s390x&distroversion=v3.12&reponame=community

aliases CVE-2020-2222, GHSA-864v-5q2g-fr64

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v5aw-ffxe-ckdv

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/jenkins@2.245-r0%3Farch=s390x&distroversion=v3.12&reponame=community

Package Instance