Lucene search
RedhatCVELIST:CVE-2016-0791HistoryApr 07, 2016 - 11:00 p.m.
CVE-2016-0791
2016-04-0723:00:00
redhat
www.cve.org
Jenkins before 1.650 and LTS before 1.642.2 do not use a constant-time algorithm to verify CSRF tokens, which makes it easier for remote attackers to bypass a CSRF protection mechanism via a brute-force approach.
Related
veracode
veracode
Timing Attack
2019-05-02 05:29:28
github
github
Exposure of Sensitive Information in Jenkins Core
2022-05-14 03:58:15
ubuntucve
ubuntucve
CVE-2016-0791
2016-04-07 00:00:00
nvd
nvd
CVE-2016-0791
2016-04-07 23:59:02
prion
prion
Cross site request forgery (csrf)
2016-04-07 23:59:00
osv
osv
Exposure of Sensitive Information in Jenkins Core
2022-05-14 03:58:15
cve
cve
CVE-2016-0791
2016-04-07 23:59:02
redhat
redhat
nessus
nessus
openvas
openvas
Fedora Update for jenkins FEDORA-2016-641
2016-03-18 00:00:00
Fedora Update for jenkins FEDORA-2016-0
2016-03-18 00:00:00
Jenkins Multiple Vulnerabilities (Feb 2016) - Windows
2016-05-20 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: jenkins-remoting-2.53.3-1.fc23
2016-03-17 21:00:40
[SECURITY] Fedora 22 Update: jenkins-remoting-2.53.3-1.fc22
2016-03-17 21:25:57
[SECURITY] Fedora 23 Update: jenkins-1.625.3-3.fc23
2016-03-17 21:00:40
freebsd
freebsd
jenkins -- multiple vulnerabilities
2016-02-24 00:00:00