| Max CVSS | 7.5 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2013-0327 | 6.8 |
Cross-site request forgery (CSRF) vulnerability in Jenkins master in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to hijack the authentication of users via unknown vectors.
|
13-02-2023 - 04:41 | 19-03-2013 - 14:55 | |
| CVE-2013-0328 | 4.3 |
Cross-site scripting (XSS) vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
13-02-2023 - 04:41 | 19-03-2013 - 14:55 | |
| CVE-2013-0329 | 7.5 |
Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to bypass the CSRF protection mechanism via unknown attack vectors.
|
13-02-2023 - 04:41 | 19-03-2013 - 14:55 | |
| CVE-2013-0262 | 4.3 |
rack/file.rb (Rack::File) in Rack 1.5.x before 1.5.2 and 1.4.x before 1.4.5 allows attackers to access arbitrary files outside the intended root directory via a crafted PATH_INFO environment variable, probably a directory traversal vulnerability that
|
13-02-2023 - 04:40 | 08-02-2013 - 20:55 | |
| CVE-2013-0263 | 5.1 |
Rack::Session::Cookie in Rack 1.5.x before 1.5.2, 1.4.x before 1.4.5, 1.3.x before 1.3.10, 1.2.x before 1.2.8, and 1.1.x before 1.1.6 allows remote attackers to guess the session cookie, gain privileges, and execute arbitrary code via a timing attack
|
13-02-2023 - 04:40 | 08-02-2013 - 20:55 | |
| CVE-2013-0331 | 4.0 |
Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to cause a denial of service via a crafted payload.
|
13-06-2016 - 23:25 | 19-03-2013 - 14:55 | |
| CVE-2013-0330 | 4.0 |
Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to build arbitrary jobs via unknown attack vectors.
|
13-06-2016 - 23:24 | 19-03-2013 - 14:55 |