Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.jenkins-ci.plugins/git-client@2.8.4
Typemaven
Namespaceorg.jenkins-ci.plugins
Namegit-client
Version2.8.4
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.8.5
Latest_non_vulnerable_version6.4.1
Affected_by_vulnerabilities
0
url VCID-rus3-fvn9-53h9
vulnerability_id VCID-rus3-fvn9-53h9
summary 
Improper Neutralization of Special Elements used in an OS Command in Jenkins Git Client Plugin
Jenkins Git Client Plugin 2.8.4 and earlier did not properly restrict values passed as URL argument to an invocation of 'git ls-remote', resulting in OS command injection.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10392.json
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10392.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10392
reference_id
reference_type
scores
0
value 0.80819
scoring_system epss
scoring_elements 0.99153
published_at 2026-04-29T12:55:00Z
1
value 0.80819
scoring_system epss
scoring_elements 0.99146
published_at 2026-04-12T12:55:00Z
2
value 0.80819
scoring_system epss
scoring_elements 0.99145
published_at 2026-04-13T12:55:00Z
3
value 0.80819
scoring_system epss
scoring_elements 0.99139
published_at 2026-04-02T12:55:00Z
4
value 0.80819
scoring_system epss
scoring_elements 0.99141
published_at 2026-04-04T12:55:00Z
5
value 0.80819
scoring_system epss
scoring_elements 0.99144
published_at 2026-04-07T12:55:00Z
6
value 0.80819
scoring_system epss
scoring_elements 0.99147
published_at 2026-04-16T12:55:00Z
7
value 0.80819
scoring_system epss
scoring_elements 0.99149
published_at 2026-04-21T12:55:00Z
8
value 0.80819
scoring_system epss
scoring_elements 0.99148
published_at 2026-04-18T12:55:00Z
9
value 0.80819
scoring_system epss
scoring_elements 0.99137
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10392
2
reference_url https://github.com/jenkinsci/git-client-plugin/commit/899123fa2eb9dd2c37137aae630c47c6be6b4b02
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/git-client-plugin/commit/899123fa2eb9dd2c37137aae630c47c6be6b4b02
3
reference_url https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1534
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://jenkins.io/security/advisory/2019-09-12/#SECURITY-1534
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10392
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:P/A:P
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10392
5
reference_url http://www.openwall.com/lists/oss-security/2019/09/12/2
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2019/09/12/2
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1819704
reference_id 1819704
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1819704
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:git_client:3.0.0:rc:*:*:*:jenkins:*:*
reference_id cpe:2.3:a:jenkins:git_client:3.0.0:rc:*:*:*:jenkins:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:git_client:3.0.0:rc:*:*:*:jenkins:*:*
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:git_client:*:*:*:*:*:jenkins:*:*
reference_id cpe:2.3:a:jenkins:git_client:*:*:*:*:*:jenkins:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:git_client:*:*:*:*:*:jenkins:*:*
9
reference_url https://github.com/advisories/GHSA-hw6x-2qwv-rxr7
reference_id GHSA-hw6x-2qwv-rxr7
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hw6x-2qwv-rxr7
10
reference_url https://access.redhat.com/errata/RHSA-2020:2478
reference_id RHSA-2020:2478
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:2478
fixed_packages
0
url pkg:maven/org.jenkins-ci.plugins/git-client@2.8.5
purl pkg:maven/org.jenkins-ci.plugins/git-client@2.8.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.plugins/git-client@2.8.5
aliases CVE-2019-10392, GHSA-hw6x-2qwv-rxr7
risk_score 10.0
exploitability 2.0
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rus3-fvn9-53h9
Fixing_vulnerabilities
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.plugins/git-client@2.8.4