Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-6925-fwf4-f7df
Summary
Generation of Error Message Containing Sensitive Information
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier prints an error stack trace on agent-related pages when agent connections are broken, potentially revealing information about Jenkins configuration that is otherwise inaccessible to attackers.
Aliases
0
alias CVE-2023-27904
1
alias GHSA-rrgp-c2w8-6vg6
Fixed_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.375.4
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.375.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-432r-ukuw-4bgt
1
vulnerability VCID-6925-fwf4-f7df
2
vulnerability VCID-7xf4-2kjf-87fe
3
vulnerability VCID-dvyn-m8js-xbc2
4
vulnerability VCID-wyec-gfgc-4yfw
5
vulnerability VCID-xznu-vdv9-eue6
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.375.4
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.387.1
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.387.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.387.1
2
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.394
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.394
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.394
Affected_packages
0
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.375.4
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.375.4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-432r-ukuw-4bgt
1
vulnerability VCID-6925-fwf4-f7df
2
vulnerability VCID-7xf4-2kjf-87fe
3
vulnerability VCID-dvyn-m8js-xbc2
4
vulnerability VCID-wyec-gfgc-4yfw
5
vulnerability VCID-xznu-vdv9-eue6
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.375.4
1
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.376
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.376
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-432r-ukuw-4bgt
1
vulnerability VCID-6925-fwf4-f7df
2
vulnerability VCID-7xf4-2kjf-87fe
3
vulnerability VCID-betz-7kth-p3cr
4
vulnerability VCID-dvyn-m8js-xbc2
5
vulnerability VCID-wyec-gfgc-4yfw
6
vulnerability VCID-xznu-vdv9-eue6
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.376
2
url pkg:maven/org.jenkins-ci.main/jenkins-core@2.388
purl pkg:maven/org.jenkins-ci.main/jenkins-core@2.388
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-432r-ukuw-4bgt
1
vulnerability VCID-6925-fwf4-f7df
2
vulnerability VCID-7xf4-2kjf-87fe
3
vulnerability VCID-dvyn-m8js-xbc2
4
vulnerability VCID-wyec-gfgc-4yfw
5
vulnerability VCID-xznu-vdv9-eue6
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@2.388
3
url pkg:rpm/redhat/jenkins@2.387.1.1680701869-1?arch=el8
purl pkg:rpm/redhat/jenkins@2.387.1.1680701869-1?arch=el8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-432r-ukuw-4bgt
1
vulnerability VCID-6925-fwf4-f7df
2
vulnerability VCID-betz-7kth-p3cr
3
vulnerability VCID-r15d-pzfc-3fg7
4
vulnerability VCID-wyec-gfgc-4yfw
5
vulnerability VCID-y82q-fr9b-gyf2
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins@2.387.1.1680701869-1%3Farch=el8
4
url pkg:rpm/redhat/jenkins@2.387.1.1683009763-3?arch=el8
purl pkg:rpm/redhat/jenkins@2.387.1.1683009763-3?arch=el8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-432r-ukuw-4bgt
1
vulnerability VCID-6925-fwf4-f7df
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins@2.387.1.1683009763-3%3Farch=el8
5
url pkg:rpm/redhat/jenkins@2.387.1.1683009767-3?arch=el8
purl pkg:rpm/redhat/jenkins@2.387.1.1683009767-3?arch=el8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-432r-ukuw-4bgt
1
vulnerability VCID-6925-fwf4-f7df
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins@2.387.1.1683009767-3%3Farch=el8
6
url pkg:rpm/redhat/jenkins@2.387.3.1684911776-3?arch=el8
purl pkg:rpm/redhat/jenkins@2.387.3.1684911776-3?arch=el8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2cup-9gdn-yyhk
1
vulnerability VCID-56jv-htmt-rkew
2
vulnerability VCID-6925-fwf4-f7df
3
vulnerability VCID-7xf4-2kjf-87fe
4
vulnerability VCID-dvyn-m8js-xbc2
5
vulnerability VCID-hqzr-vc5w-9ff5
6
vulnerability VCID-mfub-hwcq-pqbt
7
vulnerability VCID-suxb-vrqh-wffp
8
vulnerability VCID-xznu-vdv9-eue6
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins@2.387.3.1684911776-3%3Farch=el8
7
url pkg:rpm/redhat/jenkins@2.401.1.1686680404-3?arch=el8
purl pkg:rpm/redhat/jenkins@2.401.1.1686680404-3?arch=el8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-432r-ukuw-4bgt
1
vulnerability VCID-6925-fwf4-f7df
2
vulnerability VCID-7k5m-ys11-mfby
3
vulnerability VCID-afh4-nhxq-y3he
4
vulnerability VCID-z3th-j593-m7bg
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins@2.401.1.1686680404-3%3Farch=el8
8
url pkg:rpm/redhat/jenkins@2.401.1.1686831596-3?arch=el8
purl pkg:rpm/redhat/jenkins@2.401.1.1686831596-3?arch=el8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-432r-ukuw-4bgt
1
vulnerability VCID-6925-fwf4-f7df
2
vulnerability VCID-9442-1vwr-5fbt
3
vulnerability VCID-afh4-nhxq-y3he
4
vulnerability VCID-betz-7kth-p3cr
5
vulnerability VCID-cden-3spy-pyhz
6
vulnerability VCID-dvyn-8phs-a3a6
7
vulnerability VCID-wyec-gfgc-4yfw
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins@2.401.1.1686831596-3%3Farch=el8
9
url pkg:rpm/redhat/jenkins@2.414.3.1698293911-3?arch=el8
purl pkg:rpm/redhat/jenkins@2.414.3.1698293911-3?arch=el8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-432r-ukuw-4bgt
1
vulnerability VCID-6925-fwf4-f7df
2
vulnerability VCID-h7qt-3g1f-5ffr
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins@2.414.3.1698293911-3%3Farch=el8
10
url pkg:rpm/redhat/jenkins@2.414.3.1698298955-3?arch=el8
purl pkg:rpm/redhat/jenkins@2.414.3.1698298955-3?arch=el8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-432r-ukuw-4bgt
1
vulnerability VCID-6925-fwf4-f7df
2
vulnerability VCID-h7qt-3g1f-5ffr
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins@2.414.3.1698298955-3%3Farch=el8
11
url pkg:rpm/redhat/jenkins@2.426.3.1706515686-3?arch=el8
purl pkg:rpm/redhat/jenkins@2.426.3.1706515686-3?arch=el8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-26me-tpwn-7udz
1
vulnerability VCID-432r-ukuw-4bgt
2
vulnerability VCID-5jqb-k5g9-6bb4
3
vulnerability VCID-6925-fwf4-f7df
4
vulnerability VCID-9tg6-2h2y-abah
5
vulnerability VCID-9xw3-4a4u-hbbb
6
vulnerability VCID-as38-uuy9-5qhu
7
vulnerability VCID-fnpa-1sqy-u7hw
8
vulnerability VCID-q3k2-1x5q-buhy
9
vulnerability VCID-y3mv-vmwd-tydt
10
vulnerability VCID-z3th-j593-m7bg
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins@2.426.3.1706515686-3%3Farch=el8
12
url pkg:rpm/redhat/jenkins@2.426.3.1706516929-3?arch=el8
purl pkg:rpm/redhat/jenkins@2.426.3.1706516929-3?arch=el8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-26me-tpwn-7udz
1
vulnerability VCID-432r-ukuw-4bgt
2
vulnerability VCID-5jqb-k5g9-6bb4
3
vulnerability VCID-6925-fwf4-f7df
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins@2.426.3.1706516929-3%3Farch=el8
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27904.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-27904.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-27904
reference_id
reference_type
scores
0
value 0.00495
scoring_system epss
scoring_elements 0.6593
published_at 2026-05-14T12:55:00Z
1
value 0.00495
scoring_system epss
scoring_elements 0.6576
published_at 2026-04-13T12:55:00Z
2
value 0.00495
scoring_system epss
scoring_elements 0.65794
published_at 2026-04-16T12:55:00Z
3
value 0.00495
scoring_system epss
scoring_elements 0.65809
published_at 2026-04-18T12:55:00Z
4
value 0.00495
scoring_system epss
scoring_elements 0.65795
published_at 2026-04-21T12:55:00Z
5
value 0.00495
scoring_system epss
scoring_elements 0.65808
published_at 2026-04-24T12:55:00Z
6
value 0.00495
scoring_system epss
scoring_elements 0.65819
published_at 2026-04-29T12:55:00Z
7
value 0.00495
scoring_system epss
scoring_elements 0.65793
published_at 2026-05-05T12:55:00Z
8
value 0.00495
scoring_system epss
scoring_elements 0.6584
published_at 2026-05-07T12:55:00Z
9
value 0.00495
scoring_system epss
scoring_elements 0.65884
published_at 2026-05-09T12:55:00Z
10
value 0.00495
scoring_system epss
scoring_elements 0.65855
published_at 2026-05-11T12:55:00Z
11
value 0.00495
scoring_system epss
scoring_elements 0.65874
published_at 2026-05-12T12:55:00Z
12
value 0.00495
scoring_system epss
scoring_elements 0.65723
published_at 2026-04-02T12:55:00Z
13
value 0.00495
scoring_system epss
scoring_elements 0.65753
published_at 2026-04-04T12:55:00Z
14
value 0.00495
scoring_system epss
scoring_elements 0.65719
published_at 2026-04-07T12:55:00Z
15
value 0.00495
scoring_system epss
scoring_elements 0.65772
published_at 2026-04-08T12:55:00Z
16
value 0.00495
scoring_system epss
scoring_elements 0.65783
published_at 2026-04-09T12:55:00Z
17
value 0.00495
scoring_system epss
scoring_elements 0.65804
published_at 2026-04-11T12:55:00Z
18
value 0.00495
scoring_system epss
scoring_elements 0.6579
published_at 2026-04-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-27904
2
reference_url https://github.com/CVEProject/cvelist/blob/master/2023/27xxx/CVE-2023-27904.json
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/CVEProject/cvelist/blob/master/2023/27xxx/CVE-2023-27904.json
3
reference_url https://github.com/jenkinsci/jenkins/commit/40663588eea4ac953209bd8845b6b880792f92cc
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/jenkinsci/jenkins/commit/40663588eea4ac953209bd8845b6b880792f92cc
4
reference_url https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-2120
reference_id
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
2
value LOW
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-02-28T18:51:08Z/
url https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-2120
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2177634
reference_id 2177634
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2177634
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-27904
reference_id CVE-2023-27904
reference_type
scores
0
value 3.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-27904
7
reference_url https://github.com/advisories/GHSA-rrgp-c2w8-6vg6
reference_id GHSA-rrgp-c2w8-6vg6
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-rrgp-c2w8-6vg6
8
reference_url https://access.redhat.com/errata/RHSA-2023:1655
reference_id RHSA-2023:1655
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:1655
9
reference_url https://access.redhat.com/errata/RHSA-2023:3195
reference_id RHSA-2023:3195
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3195
10
reference_url https://access.redhat.com/errata/RHSA-2023:3198
reference_id RHSA-2023:3198
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3198
11
reference_url https://access.redhat.com/errata/RHSA-2023:3299
reference_id RHSA-2023:3299
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3299
12
reference_url https://access.redhat.com/errata/RHSA-2023:3622
reference_id RHSA-2023:3622
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3622
13
reference_url https://access.redhat.com/errata/RHSA-2023:3663
reference_id RHSA-2023:3663
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:3663
14
reference_url https://access.redhat.com/errata/RHSA-2023:6171
reference_id RHSA-2023:6171
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6171
15
reference_url https://access.redhat.com/errata/RHSA-2023:6172
reference_id RHSA-2023:6172
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:6172
16
reference_url https://access.redhat.com/errata/RHSA-2024:0775
reference_id RHSA-2024:0775
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0775
17
reference_url https://access.redhat.com/errata/RHSA-2024:0778
reference_id RHSA-2024:0778
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:0778
Weaknesses
0
cwe_id 1035
name OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.
1
cwe_id 209
name Generation of Error Message Containing Sensitive Information
description The product generates an error message that includes sensitive information about its environment, users, or associated data.
2
cwe_id 937
name OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.
3
cwe_id 200
name Exposure of Sensitive Information to an Unauthorized Actor
description The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Exploits
Severity_range_score 0.1 - 5.3
Exploitability 0.5
Weighted_severity 4.8
Risk_score 2.4
Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6925-fwf4-f7df