Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.jenkins-ci.main/cli@2.528.3
Typemaven
Namespaceorg.jenkins-ci.main
Namecli
Version2.528.3
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.541
Latest_non_vulnerable_version2.541
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-sq8g-te16-9qcj
vulnerability_id VCID-sq8g-te16-9qcj
summary 
Jenkins has a Denial of service vulnerability in HTTP-based CLI
Jenkins 2.540 and earlier, LTS 2.528.2 and earlier does not properly close HTTP-based CLI connections when the connection stream becomes corrupted, allowing unauthenticated attackers to cause a denial of service.
references
0
reference_url https://fluidattacks.com/blog/unauth-dos-in-jenkins-cli
reference_id
reference_type
scores
url https://fluidattacks.com/blog/unauth-dos-in-jenkins-cli
1
reference_url https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
url https://github.com/jenkinsci/jenkins
2
reference_url https://github.com/jenkinsci/jenkins/commit/efa1816322026f2b9235a27eee814bcc7ba0a764
reference_id
reference_type
scores
url https://github.com/jenkinsci/jenkins/commit/efa1816322026f2b9235a27eee814bcc7ba0a764
3
reference_url https://www.jenkins.io/security/advisory/2025-12-10/#SECURITY-3630
reference_id
reference_type
scores
url https://www.jenkins.io/security/advisory/2025-12-10/#SECURITY-3630
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-67635
reference_id CVE-2025-67635
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2025-67635
5
reference_url https://github.com/advisories/GHSA-9p56-p6mw-w8qc
reference_id GHSA-9p56-p6mw-w8qc
reference_type
scores
url https://github.com/advisories/GHSA-9p56-p6mw-w8qc
fixed_packages
0
url pkg:maven/org.jenkins-ci.main/cli@2.528.3
purl pkg:maven/org.jenkins-ci.main/cli@2.528.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/cli@2.528.3
1
url pkg:maven/org.jenkins-ci.main/cli@2.541
purl pkg:maven/org.jenkins-ci.main/cli@2.541
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/cli@2.541
aliases CVE-2025-67635, GHSA-9p56-p6mw-w8qc
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sq8g-te16-9qcj
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/cli@2.528.3