Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/jenkins-2-plugins@4.15.1729838165-1?arch=el8
Typerpm
Namespaceredhat
Namejenkins-2-plugins
Version4.15.1729838165-1
Qualifiers
arch el8
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-1bh8-3gb1-4ben
vulnerability_id VCID-1bh8-3gb1-4ben
summary 
Spring Framework vulnerable to Denial of Service
In Spring Framework versions 5.3.0 - 5.3.38 and older unsupported versions, it is possible for a user to provide a specially crafted Spring Expression Language (SpEL) expression that may cause a denial of service (DoS) condition. Older, unsupported versions are also affected.

Specifically, an application is vulnerable when the following is true:

  *  The application evaluates user-supplied SpEL expressions.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38808.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-38808.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-38808
reference_id
reference_type
scores
0
value 0.00809
scoring_system epss
scoring_elements 0.74287
published_at 2026-05-05T12:55:00Z
1
value 0.00809
scoring_system epss
scoring_elements 0.7417
published_at 2026-04-02T12:55:00Z
2
value 0.00809
scoring_system epss
scoring_elements 0.74196
published_at 2026-04-04T12:55:00Z
3
value 0.00809
scoring_system epss
scoring_elements 0.74169
published_at 2026-04-07T12:55:00Z
4
value 0.00809
scoring_system epss
scoring_elements 0.74202
published_at 2026-04-08T12:55:00Z
5
value 0.00809
scoring_system epss
scoring_elements 0.74217
published_at 2026-04-09T12:55:00Z
6
value 0.00809
scoring_system epss
scoring_elements 0.74238
published_at 2026-04-11T12:55:00Z
7
value 0.00809
scoring_system epss
scoring_elements 0.7422
published_at 2026-04-12T12:55:00Z
8
value 0.00809
scoring_system epss
scoring_elements 0.74212
published_at 2026-04-13T12:55:00Z
9
value 0.00809
scoring_system epss
scoring_elements 0.7425
published_at 2026-04-16T12:55:00Z
10
value 0.00809
scoring_system epss
scoring_elements 0.7426
published_at 2026-04-18T12:55:00Z
11
value 0.00809
scoring_system epss
scoring_elements 0.74251
published_at 2026-04-21T12:55:00Z
12
value 0.00809
scoring_system epss
scoring_elements 0.74286
published_at 2026-04-24T12:55:00Z
13
value 0.00809
scoring_system epss
scoring_elements 0.74294
published_at 2026-04-26T12:55:00Z
14
value 0.00809
scoring_system epss
scoring_elements 0.74293
published_at 2026-04-29T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-38808
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38808
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-38808
3
reference_url https://github.com/spring-projects/spring-framework
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework
4
reference_url https://github.com/spring-projects/spring-framework/commit/26f2dad388499faecf99e75b8856788e95d8d658
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework/commit/26f2dad388499faecf99e75b8856788e95d8d658
5
reference_url https://github.com/spring-projects/spring-framework/commit/f44d13cb7816e586b86c02421af4f5498391111c
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/spring-projects/spring-framework/commit/f44d13cb7816e586b86c02421af4f5498391111c
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-38808
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-38808
7
reference_url https://security.netapp.com/advisory/ntap-20240920-0002
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://security.netapp.com/advisory/ntap-20240920-0002
8
reference_url https://spring.io/security/cve-2024-38808
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
1
value 5.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-20T13:48:27Z/
url https://spring.io/security/cve-2024-38808
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2305959
reference_id 2305959
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2305959
10
reference_url https://github.com/advisories/GHSA-9cmq-m9j5-mvww
reference_id GHSA-9cmq-m9j5-mvww
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9cmq-m9j5-mvww
11
reference_url https://access.redhat.com/errata/RHSA-2024:8884
reference_id RHSA-2024:8884
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8884
12
reference_url https://access.redhat.com/errata/RHSA-2024:8885
reference_id RHSA-2024:8885
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8885
13
reference_url https://access.redhat.com/errata/RHSA-2024:8886
reference_id RHSA-2024:8886
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8886
14
reference_url https://access.redhat.com/errata/RHSA-2024:8887
reference_id RHSA-2024:8887
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8887
fixed_packages
aliases CVE-2024-38808, GHSA-9cmq-m9j5-mvww
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1bh8-3gb1-4ben
1
url VCID-jarz-xtnw-ufbz
vulnerability_id VCID-jarz-xtnw-ufbz
summary 
Jenkins exposes multi-line secrets through error messages
Jenkins 

Jenkins provides the `secretTextarea` form field for multi-line secrets.

Jenkins 2.478 and earlier, LTS 2.462.2 and earlier does not redact multi-line secret values in error messages generated for form submissions involving the `secretTextarea` form field.

This can result in exposure of multi-line secrets through those error messages, e.g., in the system log.

Jenkins 2.479, LTS 2.462.3 redacts multi-line secret values in error messages generated for form submissions involving the `secretTextarea` form field.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47803.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47803.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-47803
reference_id
reference_type
scores
0
value 0.0063
scoring_system epss
scoring_elements 0.70344
published_at 2026-05-05T12:55:00Z
1
value 0.0063
scoring_system epss
scoring_elements 0.70293
published_at 2026-04-12T12:55:00Z
2
value 0.0063
scoring_system epss
scoring_elements 0.7028
published_at 2026-04-13T12:55:00Z
3
value 0.0063
scoring_system epss
scoring_elements 0.70321
published_at 2026-04-16T12:55:00Z
4
value 0.0063
scoring_system epss
scoring_elements 0.70331
published_at 2026-04-18T12:55:00Z
5
value 0.0063
scoring_system epss
scoring_elements 0.70312
published_at 2026-04-21T12:55:00Z
6
value 0.0063
scoring_system epss
scoring_elements 0.70364
published_at 2026-04-24T12:55:00Z
7
value 0.0063
scoring_system epss
scoring_elements 0.70373
published_at 2026-04-26T12:55:00Z
8
value 0.0063
scoring_system epss
scoring_elements 0.70371
published_at 2026-04-29T12:55:00Z
9
value 0.0063
scoring_system epss
scoring_elements 0.70229
published_at 2026-04-02T12:55:00Z
10
value 0.0063
scoring_system epss
scoring_elements 0.70245
published_at 2026-04-04T12:55:00Z
11
value 0.0063
scoring_system epss
scoring_elements 0.70222
published_at 2026-04-07T12:55:00Z
12
value 0.0063
scoring_system epss
scoring_elements 0.70268
published_at 2026-04-08T12:55:00Z
13
value 0.0063
scoring_system epss
scoring_elements 0.70284
published_at 2026-04-09T12:55:00Z
14
value 0.0063
scoring_system epss
scoring_elements 0.70307
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-47803
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-47803
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-47803
3
reference_url https://www.jenkins.io/security/advisory/2024-10-02/#SECURITY-3451
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T16:31:49Z/
url https://www.jenkins.io/security/advisory/2024-10-02/#SECURITY-3451
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2316137
reference_id 2316137
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2316137
5
reference_url https://github.com/advisories/GHSA-pj95-ph4q-4qm4
reference_id GHSA-pj95-ph4q-4qm4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pj95-ph4q-4qm4
6
reference_url https://access.redhat.com/errata/RHSA-2024:8884
reference_id RHSA-2024:8884
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8884
7
reference_url https://access.redhat.com/errata/RHSA-2024:8885
reference_id RHSA-2024:8885
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8885
8
reference_url https://access.redhat.com/errata/RHSA-2024:8886
reference_id RHSA-2024:8886
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8886
9
reference_url https://access.redhat.com/errata/RHSA-2024:8887
reference_id RHSA-2024:8887
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8887
fixed_packages
aliases CVE-2024-47803, GHSA-pj95-ph4q-4qm4
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jarz-xtnw-ufbz
2
url VCID-mkf8-a5k3-83fs
vulnerability_id VCID-mkf8-a5k3-83fs
summary 
Improper Certificate Validation
Apache Sling Commons Messaging Mail provides a simple layer on top of JavaMail/Jakarta Mail for OSGi to send mails via SMTPS. To reduce the risk of "man in the middle" attacks additional server identity checks must be performed when accessing mail servers. For compatibility reasons these additional checks are disabled by default in JavaMail/Jakarta Mail. The SimpleMailService in Apache Sling Commons Messaging Mail 1.0 lacks an option to enable these checks for the shared mail session. A user could enable these checks nevertheless by accessing the session via the message created by SimpleMessageBuilder and setting the property mail.smtps.ssl.checkserveridentity to true. Apache Sling Commons Messaging Mail 2.0 adds support for enabling server identity checks and these checks are enabled by default. - https://javaee.github.io/javamail/docs/SSLNOTES.txt - https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-summary.html - https://github.com/eclipse-ee4j/mail/issues/429
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44549.json
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-44549.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-44549
reference_id
reference_type
scores
0
value 0.00185
scoring_system epss
scoring_elements 0.39816
published_at 2026-05-07T12:55:00Z
1
value 0.00185
scoring_system epss
scoring_elements 0.40268
published_at 2026-04-04T12:55:00Z
2
value 0.00185
scoring_system epss
scoring_elements 0.4019
published_at 2026-04-07T12:55:00Z
3
value 0.00185
scoring_system epss
scoring_elements 0.40254
published_at 2026-04-09T12:55:00Z
4
value 0.00185
scoring_system epss
scoring_elements 0.40265
published_at 2026-04-11T12:55:00Z
5
value 0.00185
scoring_system epss
scoring_elements 0.40227
published_at 2026-04-12T12:55:00Z
6
value 0.00185
scoring_system epss
scoring_elements 0.40208
published_at 2026-04-13T12:55:00Z
7
value 0.00185
scoring_system epss
scoring_elements 0.40255
published_at 2026-04-16T12:55:00Z
8
value 0.00185
scoring_system epss
scoring_elements 0.40224
published_at 2026-04-18T12:55:00Z
9
value 0.00185
scoring_system epss
scoring_elements 0.40148
published_at 2026-04-21T12:55:00Z
10
value 0.00185
scoring_system epss
scoring_elements 0.39973
published_at 2026-04-24T12:55:00Z
11
value 0.00185
scoring_system epss
scoring_elements 0.39959
published_at 2026-04-26T12:55:00Z
12
value 0.00185
scoring_system epss
scoring_elements 0.39878
published_at 2026-04-29T12:55:00Z
13
value 0.00185
scoring_system epss
scoring_elements 0.3975
published_at 2026-05-05T12:55:00Z
14
value 0.00185
scoring_system epss
scoring_elements 0.40094
published_at 2026-04-01T12:55:00Z
15
value 0.00185
scoring_system epss
scoring_elements 0.40243
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-44549
2
reference_url https://github.com/eclipse-ee4j
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/eclipse-ee4j
3
reference_url https://github.com/eclipse-ee4j/mail/issues/429
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/eclipse-ee4j/mail/issues/429
4
reference_url https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-summary.html
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://javaee.github.io/javamail/docs/api/com/sun/mail/smtp/package-summary.html
5
reference_url https://javaee.github.io/javamail/docs/SSLNOTES.txt
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://javaee.github.io/javamail/docs/SSLNOTES.txt
6
reference_url https://lists.apache.org/thread/l8p9h2bqvkj6rhv4w8kzctb817415b7f
reference_id
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/l8p9h2bqvkj6rhv4w8kzctb817415b7f
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2315808
reference_id 2315808
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2315808
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-44549
reference_id CVE-2021-44549
reference_type
scores
0
value 7.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-44549
9
reference_url https://github.com/advisories/GHSA-c69w-jj56-834w
reference_id GHSA-c69w-jj56-834w
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-c69w-jj56-834w
10
reference_url https://access.redhat.com/errata/RHSA-2024:7670
reference_id RHSA-2024:7670
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7670
11
reference_url https://access.redhat.com/errata/RHSA-2024:7676
reference_id RHSA-2024:7676
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:7676
12
reference_url https://access.redhat.com/errata/RHSA-2024:8884
reference_id RHSA-2024:8884
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8884
13
reference_url https://access.redhat.com/errata/RHSA-2024:8885
reference_id RHSA-2024:8885
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8885
14
reference_url https://access.redhat.com/errata/RHSA-2024:8886
reference_id RHSA-2024:8886
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8886
15
reference_url https://access.redhat.com/errata/RHSA-2024:8887
reference_id RHSA-2024:8887
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8887
fixed_packages
aliases CVE-2021-44549, GHSA-c69w-jj56-834w
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mkf8-a5k3-83fs
3
url VCID-vpxs-mxz3-xqch
vulnerability_id VCID-vpxs-mxz3-xqch
summary 
Jenkins item creation restriction bypass vulnerability
Jenkins provides APIs for fine-grained control of item creation:

- Authorization strategies can prohibit the creation of items of a given type in a given item group (`ACL#hasCreatePermission2`).

- Item types can prohibit creation of new instances in a given item group (`TopLevelItemDescriptor#isApplicableIn(ItemGroup)`).

If an attempt is made to create an item of a prohibited type through the Jenkins CLI or the REST API and either of the above checks fail, Jenkins 2.478 and earlier, LTS 2.462.2 and earlier creates the item in memory, only deleting it from disk.

This allows attackers with Item/Create permission to bypass these restrictions, creating a temporary item. With Item/Configure permission, they can also save the item to persist it.

If an attempt is made to create an item of a prohibited type through the Jenkins CLI or the REST API and either of the above checks fail, Jenkins 2.479, LTS 2.462.3 does not retain the item in memory.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47804.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-47804.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-47804
reference_id
reference_type
scores
0
value 0.00448
scoring_system epss
scoring_elements 0.63599
published_at 2026-05-05T12:55:00Z
1
value 0.00448
scoring_system epss
scoring_elements 0.63622
published_at 2026-04-11T12:55:00Z
2
value 0.00448
scoring_system epss
scoring_elements 0.63606
published_at 2026-04-12T12:55:00Z
3
value 0.00448
scoring_system epss
scoring_elements 0.63609
published_at 2026-04-16T12:55:00Z
4
value 0.00448
scoring_system epss
scoring_elements 0.63618
published_at 2026-04-18T12:55:00Z
5
value 0.00448
scoring_system epss
scoring_elements 0.63601
published_at 2026-04-21T12:55:00Z
6
value 0.00448
scoring_system epss
scoring_elements 0.63619
published_at 2026-04-24T12:55:00Z
7
value 0.00448
scoring_system epss
scoring_elements 0.63632
published_at 2026-04-26T12:55:00Z
8
value 0.00448
scoring_system epss
scoring_elements 0.63626
published_at 2026-04-29T12:55:00Z
9
value 0.00448
scoring_system epss
scoring_elements 0.63545
published_at 2026-04-02T12:55:00Z
10
value 0.00448
scoring_system epss
scoring_elements 0.63573
published_at 2026-04-13T12:55:00Z
11
value 0.00448
scoring_system epss
scoring_elements 0.63538
published_at 2026-04-07T12:55:00Z
12
value 0.00448
scoring_system epss
scoring_elements 0.6359
published_at 2026-04-08T12:55:00Z
13
value 0.00448
scoring_system epss
scoring_elements 0.63607
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-47804
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-47804
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-47804
3
reference_url https://www.jenkins.io/security/advisory/2024-10-02/#SECURITY-3448
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
1
value 5.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-02T16:31:07Z/
url https://www.jenkins.io/security/advisory/2024-10-02/#SECURITY-3448
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2316131
reference_id 2316131
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2316131
5
reference_url https://github.com/advisories/GHSA-f9qj-77q2-h5c5
reference_id GHSA-f9qj-77q2-h5c5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f9qj-77q2-h5c5
6
reference_url https://access.redhat.com/errata/RHSA-2024:8884
reference_id RHSA-2024:8884
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8884
7
reference_url https://access.redhat.com/errata/RHSA-2024:8885
reference_id RHSA-2024:8885
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8885
8
reference_url https://access.redhat.com/errata/RHSA-2024:8886
reference_id RHSA-2024:8886
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8886
9
reference_url https://access.redhat.com/errata/RHSA-2024:8887
reference_id RHSA-2024:8887
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:8887
fixed_packages
aliases CVE-2024-47804, GHSA-f9qj-77q2-h5c5
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vpxs-mxz3-xqch
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins-2-plugins@4.15.1729838165-1%3Farch=el8