admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-08 05:58:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Synchronized data.

Browse Source
This commit is contained in:
CVE Team 2018-01-23 09:06:01 -05:00
parent 439a577570
commit 752d82eadf
No known key found for this signature in database
GPG Key ID: 3504EC0FB4B2FE56
10 changed files with 641 additions and 89 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
2015/1142xxx/CVE-2015-1142857.json
View File

@ -1,9 +1,6 @@
{ {
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"CVE_data_meta" : { "CVE_data_meta" : {
"ASSIGNER": "kurt@seifried.org", "ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
"DATE_ASSIGNED" : "2018-01-22", "DATE_ASSIGNED" : "2018-01-22",
"ID" : "CVE-2015-1142857", "ID" : "CVE-2015-1142857",
"REQUESTER" : "gmollett@redhat.com", "REQUESTER" : "gmollett@redhat.com",
@ -13,7 +10,6 @@
"vendor" : { "vendor" : {
"vendor_data" : [ "vendor_data" : [
{ {
"vendor_name": "Linux Kernel",
"product" : { "product" : {
"product_data" : [ "product_data" : [
{ {
@ -30,10 +26,10 @@
} }
} }
] ]
} },
"vendor_name" : "Linux Kernel"
}, },
{ {
"vendor_name": "DPRK",
"product" : { "product" : {
"product_data" : [ "product_data" : [
{ {
@ -47,11 +43,15 @@
} }
} }
] ]
} },
"vendor_name" : "DPRK"
} }
] ]
} }
}, },
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : { "description" : {
"description_data" : [ "description_data" : [
{ {
@ -74,11 +74,14 @@
}, },
"references" : { "references" : {
"reference_data" : [ "reference_data" : [
{
"url" : "http://seclists.org/oss-sec/2015/q4/425"
},
{ {
"url" : "https://www.usenix.org/system/files/conference/usenixsecurity15/sec15-paper-smolyar.pdf" "url" : "https://www.usenix.org/system/files/conference/usenixsecurity15/sec15-paper-smolyar.pdf"
}, },
{ {
"url": "http://seclists.org/oss-sec/2015/q4/425" "url" : "https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00046&languageid=en-fr"
} }
] ]
} }

63
2018/1000xxx/CVE-2018-1000008.json
View File

@ -1 +1,62 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://jenkins.io/security/advisory/2018-01-22/"}]},"description": {"description_data": [{"lang": "eng","value": "Jenkins PMD Plugin processes XML external entitites in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "3.49 and earlier"}]},"product_name": "Jenkins PMD Plugin"}]},"vendor_name": "Jenkins PMD Plugin"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-01-22","ID": "CVE-2018-1000008","ASSIGNER": "kurt@seifried.org","REQUESTER": "ml@beckweb.net"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "XML External Entity Processing"}]}]}} {
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
"DATE_ASSIGNED" : "2018-01-22",
"ID" : "CVE-2018-1000008",
"REQUESTER" : "ml@beckweb.net",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Jenkins PMD Plugin",
"version" : {
"version_data" : [
{
"version_value" : "3.49 and earlier"
}
]
}
}
]
},
"vendor_name" : "Jenkins PMD Plugin"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Jenkins PMD Plugin 3.49 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "XML External Entity Processing"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://jenkins.io/security/advisory/2018-01-22/"
}
]
}
}

63
2018/1000xxx/CVE-2018-1000009.json
View File

@ -1 +1,62 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://jenkins.io/security/advisory/2018-01-22/"}]},"description": {"description_data": [{"lang": "eng","value": "Jenkins Checkstyle Plugin processes XML external entitites in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "3.49 and earlier"}]},"product_name": "Jenkins Checkstyle Plugin"}]},"vendor_name": "Jenkins Checkstyle Plugin"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-01-22","ID": "CVE-2018-1000009","ASSIGNER": "kurt@seifried.org","REQUESTER": "ml@beckweb.net"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "XML External Entity Processing"}]}]}} {
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
"DATE_ASSIGNED" : "2018-01-22",
"ID" : "CVE-2018-1000009",
"REQUESTER" : "ml@beckweb.net",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Jenkins Checkstyle Plugin",
"version" : {
"version_data" : [
{
"version_value" : "3.49 and earlier"
}
]
}
}
]
},
"vendor_name" : "Jenkins Checkstyle Plugin"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Jenkins Checkstyle Plugin 3.49 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "XML External Entity Processing"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://jenkins.io/security/advisory/2018-01-22/"
}
]
}
}

63
2018/1000xxx/CVE-2018-1000010.json
View File

@ -1 +1,62 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://jenkins.io/security/advisory/2018-01-22/"}]},"description": {"description_data": [{"lang": "eng","value": "Jenkins DRY Plugin processes XML external entitites in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "2.49 and earlier"}]},"product_name": "Jenkins DRY Plugin"}]},"vendor_name": "Jenkins DRY Plugin"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-01-22","ID": "CVE-2018-1000010","ASSIGNER": "kurt@seifried.org","REQUESTER": "ml@beckweb.net"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "XML External Entity Processing"}]}]}} {
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
"DATE_ASSIGNED" : "2018-01-22",
"ID" : "CVE-2018-1000010",
"REQUESTER" : "ml@beckweb.net",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Jenkins DRY Plugin",
"version" : {
"version_data" : [
{
"version_value" : "2.49 and earlier"
}
]
}
}
]
},
"vendor_name" : "Jenkins DRY Plugin"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Jenkins DRY Plugin 2.49 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "XML External Entity Processing"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://jenkins.io/security/advisory/2018-01-22/"
}
]
}
}

63
2018/1000xxx/CVE-2018-1000011.json
View File

@ -1 +1,62 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://jenkins.io/security/advisory/2018-01-22/"}]},"description": {"description_data": [{"lang": "eng","value": "Jenkins FindBugs Plugin processes XML external entitites in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "4.71 and earlier"}]},"product_name": "Jenkins FindBugs Plugin"}]},"vendor_name": "Jenkins FindBugs Plugin"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-01-22","ID": "CVE-2018-1000011","ASSIGNER": "kurt@seifried.org","REQUESTER": "ml@beckweb.net"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "XML External Entity Processing"}]}]}} {
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
"DATE_ASSIGNED" : "2018-01-22",
"ID" : "CVE-2018-1000011",
"REQUESTER" : "ml@beckweb.net",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Jenkins FindBugs Plugin",
"version" : {
"version_data" : [
{
"version_value" : "4.71 and earlier"
}
]
}
}
]
},
"vendor_name" : "Jenkins FindBugs Plugin"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Jenkins FindBugs Plugin 4.71 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "XML External Entity Processing"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://jenkins.io/security/advisory/2018-01-22/"
}
]
}
}

63
2018/1000xxx/CVE-2018-1000012.json
View File

@ -1 +1,62 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://jenkins.io/security/advisory/2018-01-22/"}]},"description": {"description_data": [{"lang": "eng","value": "Jenkins Warnings Plugin processes XML external entitites in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "4.64 and earlier"}]},"product_name": "Jenkins Warnings Plugin"}]},"vendor_name": "Jenkins Warnings Plugin"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-01-22","ID": "CVE-2018-1000012","ASSIGNER": "kurt@seifried.org","REQUESTER": "ml@beckweb.net"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "XML External Entity Processing"}]}]}} {
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
"DATE_ASSIGNED" : "2018-01-22",
"ID" : "CVE-2018-1000012",
"REQUESTER" : "ml@beckweb.net",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Jenkins Warnings Plugin",
"version" : {
"version_data" : [
{
"version_value" : "4.64 and earlier"
}
]
}
}
]
},
"vendor_name" : "Jenkins Warnings Plugin"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Jenkins Warnings Plugin 4.64 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "XML External Entity Processing"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://jenkins.io/security/advisory/2018-01-22/"
}
]
}
}

63
2018/1000xxx/CVE-2018-1000013.json
View File

@ -1 +1,62 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://jenkins.io/security/advisory/2018-01-22/"}]},"description": {"description_data": [{"lang": "eng","value": "Jenkins Release Plugin did not require form submissions to be submitted via POST, resulting in a CSRF vulnerability allowing attackers to trigger release builds."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "2.9 and earlier"}]},"product_name": "Jenkins Release Plugin"}]},"vendor_name": "Jenkins Release Plugin"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-01-22","ID": "CVE-2018-1000013","ASSIGNER": "kurt@seifried.org","REQUESTER": "ml@beckweb.net"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Cross-Site Request Forgery"}]}]}} {
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
"DATE_ASSIGNED" : "2018-01-22",
"ID" : "CVE-2018-1000013",
"REQUESTER" : "ml@beckweb.net",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Jenkins Release Plugin",
"version" : {
"version_data" : [
{
"version_value" : "2.9 and earlier"
}
]
}
}
]
},
"vendor_name" : "Jenkins Release Plugin"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Jenkins Release Plugin 2.9 and earlier did not require form submissions to be submitted via POST, resulting in a CSRF vulnerability allowing attackers to trigger release builds."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Request Forgery"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://jenkins.io/security/advisory/2018-01-22/"
}
]
}
}

63
2018/1000xxx/CVE-2018-1000014.json
View File

@ -1 +1,62 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://jenkins.io/security/advisory/2018-01-22/"}]},"description": {"description_data": [{"lang": "eng","value": "Jenkins Translation Assistance Plugin did not require form submissions to be submitted via POST, resulting in a CSRF vulnerability allowing attackers to override localized strings displayed to all users on the current Jenkins instance if the victim is a Jenkins administrator."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "1.15 and earlier"}]},"product_name": "Jenkins Translation Assistance Plugin"}]},"vendor_name": "Jenkins Translation Assistance Plugin"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-01-22","ID": "CVE-2018-1000014","ASSIGNER": "kurt@seifried.org","REQUESTER": "ml@beckweb.net"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Cross-Site Request Forgery"}]}]}} {
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
"DATE_ASSIGNED" : "2018-01-22",
"ID" : "CVE-2018-1000014",
"REQUESTER" : "ml@beckweb.net",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Jenkins Translation Assistance Plugin",
"version" : {
"version_data" : [
{
"version_value" : "1.15 and earlier"
}
]
}
}
]
},
"vendor_name" : "Jenkins Translation Assistance Plugin"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Jenkins Translation Assistance Plugin 1.15 and earlier did not require form submissions to be submitted via POST, resulting in a CSRF vulnerability allowing attackers to override localized strings displayed to all users on the current Jenkins instance if the victim is a Jenkins administrator."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Request Forgery"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://jenkins.io/security/advisory/2018-01-22/"
}
]
}
}

63
2018/1000xxx/CVE-2018-1000015.json
View File

@ -1 +1,62 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://jenkins.io/security/advisory/2018-01-22/"}]},"description": {"description_data": [{"lang": "eng","value": "On Jenkins instances with Authorize Project plugin, the authentication associated with a build may lack the Computer/Build permission on some agents. This did not prevent the execution of Pipeline `node` blocks on those agents due to incorrect permissions checks in Pipeline: Nodes and Processes plugin."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "2.17 and earlier"}]},"product_name": "Jenkins Pipeline: Nodes and Processes Plugin"}]},"vendor_name": "Jenkins Pipeline: Nodes and Processes Plugin"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-01-22","ID": "CVE-2018-1000015","ASSIGNER": "kurt@seifried.org","REQUESTER": "ml@beckweb.net"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Incorrect Access Control"}]}]}} {
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
"DATE_ASSIGNED" : "2018-01-22",
"ID" : "CVE-2018-1000015",
"REQUESTER" : "ml@beckweb.net",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Jenkins Pipeline: Nodes and Processes Plugin",
"version" : {
"version_data" : [
{
"version_value" : "2.17 and earlier"
}
]
}
}
]
},
"vendor_name" : "Jenkins Pipeline: Nodes and Processes Plugin"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "On Jenkins instances with Authorize Project plugin, the authentication associated with a build may lack the Computer/Build permission on some agents. This did not prevent the execution of Pipeline `node` blocks on those agents due to incorrect permissions checks in Pipeline: Nodes and Processes plugin 2.17 and earlier."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Incorrect Access Control"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://jenkins.io/security/advisory/2018-01-22/"
}
]
}
}

63
2018/1000xxx/CVE-2018-1000016.json
View File

@ -1 +1,62 @@
{"data_version": "4.0","references": {"reference_data": [{"url": "https://jenkins.io/security/advisory/2018-01-22/"}]},"description": {"description_data": [{"lang": "eng","value": "Jenkins Ant Plugin failed to escape tool names it shows on job configuration screens, resulting in a cross-site scripting vulnerability that is exploitable only by Jenkins administrators."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "1.7 and earlier"}]},"product_name": "Jenkins Ant Plugin"}]},"vendor_name": "Jenkins Ant Plugin"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-01-22","ID": "CVE-2018-1000016","ASSIGNER": "kurt@seifried.org","REQUESTER": "ml@beckweb.net"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "Cross-Site Scripting"}]}]}} {
"CVE_data_meta" : {
"ASSIGNER" : "cve-assign@distributedweaknessfiling.org",
"DATE_ASSIGNED" : "2018-01-22",
"ID" : "CVE-2018-1000016",
"REQUESTER" : "ml@beckweb.net",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Jenkins Ant Plugin",
"version" : {
"version_data" : [
{
"version_value" : "1.7 and earlier"
}
]
}
}
]
},
"vendor_name" : "Jenkins Ant Plugin"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Jenkins Ant Plugin 1.7 and earlier failed to escape tool names it shows on job configuration screens, resulting in a cross-site scripting vulnerability that is exploitable only by Jenkins administrators."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://jenkins.io/security/advisory/2018-01-22/"
}
]
}
}