CVE-2015-5319 - OpenCVE

XML external entity (XXE) vulnerability in the create-job CLI command in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to read arbitrary files via a crafted job configuration that is then used in an "XML-aware tool," as demonstrated by get-job and update-job.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Jenkins	Jenkins
Redhat	Openshift

Configuration 1 [-]

cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*

Configuration 2 [-]

cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*

Configuration 3 [-]

cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*

Configuration 4 [-]

cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat OpenShift Enterprise 2.2
activemq-0:5.9.0-6.redhat.611454.el6op	cpe:/a:redhat:openshift:2.0::el6	RHSA-2016:0489	2016-03-22T00:00:00Z
jenkins-0:1.625.3-1.el6op	cpe:/a:redhat:openshift:2.0::el6	RHSA-2016:0489	2016-03-22T00:00:00Z
openshift-enterprise-upgrade-0:2.2.9-1.el6op	cpe:/a:redhat:openshift:2.0::el6	RHSA-2016:0489	2016-03-22T00:00:00Z
openshift-origin-broker-util-0:1.37.5.3-1.el6op	cpe:/a:redhat:openshift:2.0::el6	RHSA-2016:0489	2016-03-22T00:00:00Z
openshift-origin-cartridge-cron-0:1.25.2.1-1.el6op	cpe:/a:redhat:openshift:2.0::el6	RHSA-2016:0489	2016-03-22T00:00:00Z
openshift-origin-cartridge-haproxy-0:1.31.5.1-1.el6op	cpe:/a:redhat:openshift:2.0::el6	RHSA-2016:0489	2016-03-22T00:00:00Z
openshift-origin-cartridge-mysql-0:1.31.2.1-1.el6op	cpe:/a:redhat:openshift:2.0::el6	RHSA-2016:0489	2016-03-22T00:00:00Z
openshift-origin-cartridge-php-0:1.35.3.1-1.el6op	cpe:/a:redhat:openshift:2.0::el6	RHSA-2016:0489	2016-03-22T00:00:00Z
openshift-origin-cartridge-python-0:1.34.2.1-1.el6op	cpe:/a:redhat:openshift:2.0::el6	RHSA-2016:0489	2016-03-22T00:00:00Z
openshift-origin-msg-node-mcollective-0:1.30.2.1-1.el6op	cpe:/a:redhat:openshift:2.0::el6	RHSA-2016:0489	2016-03-22T00:00:00Z
openshift-origin-node-proxy-0:1.26.2.1-1.el6op	cpe:/a:redhat:openshift:2.0::el6	RHSA-2016:0489	2016-03-22T00:00:00Z
openshift-origin-node-util-0:1.38.6.2-1.el6op	cpe:/a:redhat:openshift:2.0::el6	RHSA-2016:0489	2016-03-22T00:00:00Z
php-0:5.3.3-46.el6_7.1	cpe:/a:redhat:openshift:2.0::el6	RHSA-2016:0489	2016-03-22T00:00:00Z
rhc-0:1.38.6.1-1.el6op	cpe:/a:redhat:openshift:2.0::el6	RHSA-2016:0489	2016-03-22T00:00:00Z
rubygem-openshift-origin-common-0:1.29.5.2-1.el6op	cpe:/a:redhat:openshift:2.0::el6	RHSA-2016:0489	2016-03-22T00:00:00Z
rubygem-openshift-origin-console-0:1.35.5.1-1.el6op	cpe:/a:redhat:openshift:2.0::el6	RHSA-2016:0489	2016-03-22T00:00:00Z
rubygem-openshift-origin-controller-0:1.38.5.1-1.el6op	cpe:/a:redhat:openshift:2.0::el6	RHSA-2016:0489	2016-03-22T00:00:00Z
rubygem-openshift-origin-frontend-apache-vhost-0:0.13.2.1-1.el6op	cpe:/a:redhat:openshift:2.0::el6	RHSA-2016:0489	2016-03-22T00:00:00Z
rubygem-openshift-origin-node-0:1.38.5.3-1.el6op	cpe:/a:redhat:openshift:2.0::el6	RHSA-2016:0489	2016-03-22T00:00:00Z
Red Hat OpenShift Enterprise 3.1
atomic-openshift-0:3.1.1.6-1.git.0.b57e8bd.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
heapster-0:0.18.2-3.gitaf4752e.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
jenkins-0:1.625.3-2.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-align-text-0:0.1.3-2.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-ansi-green-0:0.1.1-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-ansi-wrap-0:0.1.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-anymatch-0:1.3.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-array-unique-0:0.2.1-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-arr-diff-0:2.0.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-arr-flatten-0:1.0.1-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-arrify-0:1.0.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-async-each-0:1.0.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-binary-extensions-0:1.3.1-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-braces-0:1.8.2-2.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-capture-stack-trace-0:1.0.0-2.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-chokidar-0:1.4.1-2.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-configstore-0:1.4.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-create-error-class-0:2.0.1-2.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-deep-extend-0:0.3.2-2.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-duplexer-0:0.1.1-2.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-duplexify-0:3.4.2-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-end-of-stream-0:1.1.0-2.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-error-ex-0:1.2.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-es6-promise-0:3.0.2-2.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-event-stream-0:3.3.2-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-expand-brackets-0:0.1.4-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-expand-range-0:1.8.1-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-extglob-0:0.3.1-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-filename-regex-0:2.0.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-fill-range-0:2.2.3-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-for-in-0:0.1.4-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-for-own-0:0.1.3-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-from-0:0.1.3-2.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-glob-base-0:0.3.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-glob-parent-0:2.0.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-got-0:5.2.1-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-graceful-fs-0:4.1.2-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-ini-0:1.1.0-6.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-is-binary-path-0:1.0.1-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-is-dotfile-0:1.0.2-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-is-equal-shallow-0:0.1.3-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-is-extendable-0:0.1.1-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-is-extglob-0:1.0.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-is-glob-0:2.0.1-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-is-npm-0:1.0.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-is-number-0:2.1.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-isobject-0:2.0.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-is-plain-obj-0:1.0.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-is-primitive-0:2.0.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-is-redirect-0:1.0.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-is-stream-0:1.0.1-2.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-kind-of-0:3.0.2-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-latest-version-0:2.0.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-lazy-cache-0:1.0.2-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-lodash.assign-0:3.2.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-lodash.baseassign-0:3.2.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-lodash.basecopy-0:3.0.1-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-lodash.bindcallback-0:3.0.1-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-lodash.createassigner-0:3.1.1-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-lodash.defaults-0:3.1.2-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-lodash.getnative-0:3.9.1-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-lodash.isarguments-0:3.0.4-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-lodash.isarray-0:3.0.4-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-lodash.isiterateecall-0:3.0.9-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-lodash.keys-0:3.1.2-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-lodash.restparam-0:3.6.1-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-lowercase-keys-0:1.0.0-2.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-map-stream-0:0.1.0-2.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-micromatch-0:2.3.5-2.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-mkdirp-0:0.5.0-2.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-nodemon-0:1.8.1-2.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-node-status-codes-0:1.0.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-normalize-path-0:2.0.1-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-object-assign-0:4.0.1-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-object.omit-0:2.0.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-optimist-0:0.4.0-5.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-osenv-0:0.1.0-2.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-os-homedir-0:1.0.1-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-os-tmpdir-0:1.0.1-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-package-json-0:2.3.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-parse-glob-0:3.0.4-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-parse-json-0:2.2.0-2.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-pause-stream-0:0.0.11-2.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-pinkie-0:2.0.1-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-pinkie-promise-0:2.0.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-prepend-http-0:1.0.1-2.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-preserve-0:0.2.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-ps-tree-0:1.0.1-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-randomatic-0:1.1.5-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-rc-0:1.1.2-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-read-all-stream-0:3.0.1-3.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-readdirp-0:2.0.0-2.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-regex-cache-0:0.4.2-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-registry-url-0:3.0.3-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-repeat-element-0:1.1.2-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-semver-0:5.1.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-semver-diff-0:2.1.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-slide-0:1.1.5-3.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-split-0:0.3.3-2.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-stream-combiner-0:0.2.1-2.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-string-length-0:1.0.1-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-strip-json-comments-0:1.0.2-2.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-success-symbol-0:0.1.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-through-0:2.3.4-4.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-timed-out-0:2.0.0-3.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-touch-0:1.0.0-2.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-undefsafe-0:0.0.3-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-unzip-response-0:1.0.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-update-notifier-0:0.6.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-url-parse-lax-0:1.0.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-uuid-0:2.0.1-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-write-file-atomic-0:1.1.2-2.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nodejs-xdg-basedir-0:2.0.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
nss_wrapper-0:1.0.3-1.el7	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
openshift-ansible-0:3.0.35-1.git.0.6a386dd.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
openvswitch-0:2.4.0-1.el7	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z
origin-kibana-0:0.5.0-1.el7aos	cpe:/a:redhat:openshift:3.1::el7	RHSA-2016:0070	2016-01-26T00:00:00Z

References

Link	Providers
http://rhn.redhat.com/errata/RHSA-2016-0489.html
https://access.redhat.com/errata/RHSA-2016:0070
https://nvd.nist.gov/vuln/detail/CVE-2015-5319
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11
https://www.cve.org/CVERecord?id=CVE-2015-5319

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2015-11-25T20:00:00

Updated: 2024-08-06T06:41:09.531Z

Reserved: 2015-07-01T00:00:00

Link: CVE-2015-5319

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2015-11-25T20:59:10.383

Modified: 2019-12-17T17:41:03.340

Link: CVE-2015-5319

Redhat

Severity : Low

Publid Date: 2015-11-11T00:00:00Z

Links: CVE-2015-5319 - Bugzilla

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object