Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:rpm/redhat/jenkins-2-plugins@4.7.1652967082-1?arch=el8
Typerpm
Namespaceredhat
Namejenkins-2-plugins
Version4.7.1652967082-1
Qualifiers
arch el8
Subpath
Is_vulnerabletrue
Next_non_vulnerable_versionnull
Latest_non_vulnerable_versionnull
Affected_by_vulnerabilities
0
url VCID-2ftm-axhf-gbbd
vulnerability_id VCID-2ftm-axhf-gbbd
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Jenkins Subversion Plugin 2.15.3 and earlier does not escape the name and description of List Subversion tags (and more) parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29046.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29046.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-29046
reference_id
reference_type
scores
0
value 0.00096
scoring_system epss
scoring_elements 0.26422
published_at 2026-04-29T12:55:00Z
1
value 0.00096
scoring_system epss
scoring_elements 0.26481
published_at 2026-04-26T12:55:00Z
2
value 0.00096
scoring_system epss
scoring_elements 0.26487
published_at 2026-04-24T12:55:00Z
3
value 0.02317
scoring_system epss
scoring_elements 0.84794
published_at 2026-04-12T12:55:00Z
4
value 0.02317
scoring_system epss
scoring_elements 0.84798
published_at 2026-04-11T12:55:00Z
5
value 0.02317
scoring_system epss
scoring_elements 0.84781
published_at 2026-04-09T12:55:00Z
6
value 0.02317
scoring_system epss
scoring_elements 0.84811
published_at 2026-04-18T12:55:00Z
7
value 0.02317
scoring_system epss
scoring_elements 0.84809
published_at 2026-04-21T12:55:00Z
8
value 0.02317
scoring_system epss
scoring_elements 0.84774
published_at 2026-04-08T12:55:00Z
9
value 0.02317
scoring_system epss
scoring_elements 0.84789
published_at 2026-04-13T12:55:00Z
10
value 0.05643
scoring_system epss
scoring_elements 0.90316
published_at 2026-04-02T12:55:00Z
11
value 0.05643
scoring_system epss
scoring_elements 0.90327
published_at 2026-04-04T12:55:00Z
12
value 0.05643
scoring_system epss
scoring_elements 0.90332
published_at 2026-04-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-29046
2
reference_url http://seclists.org/fulldisclosure/2022/Jul/18
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/fulldisclosure/2022/Jul/18
3
reference_url https://github.com/jenkinsci/subversion-plugin
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/subversion-plugin
4
reference_url https://support.apple.com/kb/HT213345
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://support.apple.com/kb/HT213345
5
reference_url https://www.jenkins.io/security/advisory/2022-04-12/#SECURITY-2617
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.jenkins.io/security/advisory/2022-04-12/#SECURITY-2617
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2074851
reference_id 2074851
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2074851
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-29046
reference_id CVE-2022-29046
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-29046
8
reference_url https://github.com/advisories/GHSA-wpr6-qvcq-8269
reference_id GHSA-wpr6-qvcq-8269
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wpr6-qvcq-8269
9
reference_url https://access.redhat.com/errata/RHSA-2022:0871
reference_id RHSA-2022:0871
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0871
10
reference_url https://access.redhat.com/errata/RHSA-2022:1600
reference_id RHSA-2022:1600
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1600
11
reference_url https://access.redhat.com/errata/RHSA-2022:2205
reference_id RHSA-2022:2205
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:2205
12
reference_url https://access.redhat.com/errata/RHSA-2022:2280
reference_id RHSA-2022:2280
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:2280
13
reference_url https://access.redhat.com/errata/RHSA-2022:4909
reference_id RHSA-2022:4909
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4909
14
reference_url https://access.redhat.com/errata/RHSA-2022:4947
reference_id RHSA-2022:4947
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4947
fixed_packages
aliases CVE-2022-29046, GHSA-wpr6-qvcq-8269
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2ftm-axhf-gbbd
1
url VCID-2jak-uh1e-zbfx
vulnerability_id VCID-2jak-uh1e-zbfx
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Jenkins Credentials Plugin 1111.v35a_307992395 and earlier, except 1087.1089.v2f1b_9a_b_040e4, 1074.1076.v39c30cecb_0e2, and 2.6.1.1, does not escape the name and description of Credentials parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29036.json
reference_id
reference_type
scores
0
value 6.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29036.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-29036
reference_id
reference_type
scores
0
value 0.00355
scoring_system epss
scoring_elements 0.57775
published_at 2026-04-29T12:55:00Z
1
value 0.00355
scoring_system epss
scoring_elements 0.57796
published_at 2026-04-26T12:55:00Z
2
value 0.00355
scoring_system epss
scoring_elements 0.57777
published_at 2026-04-24T12:55:00Z
3
value 0.03963
scoring_system epss
scoring_elements 0.88367
published_at 2026-04-09T12:55:00Z
4
value 0.03963
scoring_system epss
scoring_elements 0.8837
published_at 2026-04-12T12:55:00Z
5
value 0.03963
scoring_system epss
scoring_elements 0.88369
published_at 2026-04-13T12:55:00Z
6
value 0.03963
scoring_system epss
scoring_elements 0.88384
published_at 2026-04-16T12:55:00Z
7
value 0.03963
scoring_system epss
scoring_elements 0.88381
published_at 2026-04-18T12:55:00Z
8
value 0.03963
scoring_system epss
scoring_elements 0.8838
published_at 2026-04-21T12:55:00Z
9
value 0.03963
scoring_system epss
scoring_elements 0.88322
published_at 2026-04-02T12:55:00Z
10
value 0.03963
scoring_system epss
scoring_elements 0.88336
published_at 2026-04-04T12:55:00Z
11
value 0.03963
scoring_system epss
scoring_elements 0.88341
published_at 2026-04-07T12:55:00Z
12
value 0.03963
scoring_system epss
scoring_elements 0.8836
published_at 2026-04-08T12:55:00Z
13
value 0.03963
scoring_system epss
scoring_elements 0.88378
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-29036
2
reference_url https://www.jenkins.io/security/advisory/2022-04-12/#SECURITY-2617
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.jenkins.io/security/advisory/2022-04-12/#SECURITY-2617
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2074847
reference_id 2074847
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2074847
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-29036
reference_id CVE-2022-29036
reference_type
scores
0
value 5.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-29036
5
reference_url https://github.com/advisories/GHSA-rvg5-f5fj-mxvg
reference_id GHSA-rvg5-f5fj-mxvg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rvg5-f5fj-mxvg
6
reference_url https://access.redhat.com/errata/RHSA-2022:0871
reference_id RHSA-2022:0871
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0871
7
reference_url https://access.redhat.com/errata/RHSA-2022:1600
reference_id RHSA-2022:1600
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:1600
8
reference_url https://access.redhat.com/errata/RHSA-2022:2205
reference_id RHSA-2022:2205
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:2205
9
reference_url https://access.redhat.com/errata/RHSA-2022:2280
reference_id RHSA-2022:2280
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:2280
10
reference_url https://access.redhat.com/errata/RHSA-2022:4909
reference_id RHSA-2022:4909
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4909
11
reference_url https://access.redhat.com/errata/RHSA-2022:4947
reference_id RHSA-2022:4947
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4947
fixed_packages
aliases CVE-2022-29036, GHSA-rvg5-f5fj-mxvg
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2jak-uh1e-zbfx
2
url VCID-k6wy-rwhv-ckd2
vulnerability_id VCID-k6wy-rwhv-ckd2
summary 
Incorrect Authorization
Jenkins Pipeline: Shared Groovy Libraries Plugin 564.ve62a_4eb_b_e039 and earlier, except 2.21.3, allows attackers able to submit pull requests (or equivalent), but not able to commit directly to the configured SCM, to effectively change the Pipeline behavior by changing the definition of a dynamically retrieved library in their pull request, even if the Pipeline is configured to not trust them.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29047.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-29047.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-29047
reference_id
reference_type
scores
0
value 0.00055
scoring_system epss
scoring_elements 0.17041
published_at 2026-04-29T12:55:00Z
1
value 0.00055
scoring_system epss
scoring_elements 0.17097
published_at 2026-04-26T12:55:00Z
2
value 0.00055
scoring_system epss
scoring_elements 0.17116
published_at 2026-04-24T12:55:00Z
3
value 0.00064
scoring_system epss
scoring_elements 0.20247
published_at 2026-04-04T12:55:00Z
4
value 0.00064
scoring_system epss
scoring_elements 0.20192
published_at 2026-04-02T12:55:00Z
5
value 0.00064
scoring_system epss
scoring_elements 0.19972
published_at 2026-04-07T12:55:00Z
6
value 0.00064
scoring_system epss
scoring_elements 0.20052
published_at 2026-04-08T12:55:00Z
7
value 0.00064
scoring_system epss
scoring_elements 0.20111
published_at 2026-04-09T12:55:00Z
8
value 0.00064
scoring_system epss
scoring_elements 0.20129
published_at 2026-04-11T12:55:00Z
9
value 0.00064
scoring_system epss
scoring_elements 0.20083
published_at 2026-04-12T12:55:00Z
10
value 0.00064
scoring_system epss
scoring_elements 0.20024
published_at 2026-04-13T12:55:00Z
11
value 0.00064
scoring_system epss
scoring_elements 0.20006
published_at 2026-04-16T12:55:00Z
12
value 0.00064
scoring_system epss
scoring_elements 0.2001
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-29047
2
reference_url https://github.com/jenkinsci/workflow-cps-global-lib-plugin/commit/97bf32458e60ad252cfe5e7949bacf04459cee64
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/workflow-cps-global-lib-plugin/commit/97bf32458e60ad252cfe5e7949bacf04459cee64
3
reference_url https://github.com/jenkinsci/workflow-cps-global-lib-plugin/commit/bae59b46cb524549d7f346ba73d3161804c97331
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/workflow-cps-global-lib-plugin/commit/bae59b46cb524549d7f346ba73d3161804c97331
4
reference_url https://www.jenkins.io/security/advisory/2022-04-12/#SECURITY-1951
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-01-03T19:16:45Z/
url https://www.jenkins.io/security/advisory/2022-04-12/#SECURITY-1951
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2074855
reference_id 2074855
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2074855
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-29047
reference_id CVE-2022-29047
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-29047
7
reference_url https://github.com/advisories/GHSA-hh6f-6fp5-gfpv
reference_id GHSA-hh6f-6fp5-gfpv
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hh6f-6fp5-gfpv
8
reference_url https://access.redhat.com/errata/RHSA-2022:2205
reference_id RHSA-2022:2205
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:2205
9
reference_url https://access.redhat.com/errata/RHSA-2022:4909
reference_id RHSA-2022:4909
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:4909
10
reference_url https://access.redhat.com/errata/RHSA-2023:0017
reference_id RHSA-2023:0017
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0017
11
reference_url https://access.redhat.com/errata/RHSA-2023:1064
reference_id RHSA-2023:1064
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1064
fixed_packages
aliases CVE-2022-29047, GHSA-hh6f-6fp5-gfpv
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k6wy-rwhv-ckd2
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins-2-plugins@4.7.1652967082-1%3Farch=el8