Lucene search
K
CloudbeesJenkins

9 matches found

CVE
CVE
added 2013/02/24 10:0 p.m.83 views

CVE-2012-6073

Summary (CVE-2012-6073) : Jenkins core components prior to specific versions are vulnerable to an open redirect that allows remote attackers to redirect users to arbitrary sites and facilitate phishing via unspecified vectors. Affected products/versions include Jenkins before 1.491, Jenkins LTS b...

5.8CVSS6.6AI score0.01832EPSS
CVE
CVE
added 2013/02/24 10:0 p.m.82 views

CVE-2012-6072

CVE-2012-6072 is a CRLF injection vulnerability in Jenkins core exposed to remote attackers who can inject HTTP headers and trigger HTTP response splitting via unspecified vectors. Affected are Jenkins before 1.491, Jenkins LTS before 1.480.1, and Jenkins Enterprise 1.424.x before 1.424.6.13, 1.4...

4.3CVSS6.8AI score0.01832EPSS
CVE
CVE
added 2014/04/10 2:0 p.m.81 views

CVE-2013-2033

CVE-2013-2033 affects Jenkins before 1.514, Jenkins LTS before 1.509.1, and Enterprise 1.466.x before 1.466.14.1/1.480.x before 1.480.4.1. The vulnerability is a cross-site scripting (XSS) issue that allows remote authenticated users with write permission to inject arbitrary web script or HTML vi...

2.1CVSS5.2AI score0.01875EPSS
CVE
CVE
added 2013/02/24 10:0 p.m.78 views

CVE-2013-0158

CVE-2013-0158 affects Jenkins and Jenkins Enterprise. When a Jenkins slave is attached and anonymous read access is enabled, remote attackers could obtain the master cryptographic key via unspecified vectors, enabling potential arbitrary code execution on the master. Affected versions include Jen...

2.6CVSS6.1AI score0.02455EPSS
CVE
CVE
added 2014/05/14 7:0 p.m.74 views

CVE-2013-2034

CVE-2013-2034 affects Jenkins and related Enterprise/LTS builds, enabling CSRF-based administrator session hijacking that can lead to arbitrary code execution or deployment of binaries to a Maven repository. Affected software includes Jenkins before 1.514, LTS before 1.509.1, Jenkins Enterprise 1...

6.8CVSS7.9AI score0.01624EPSS
CVE
CVE
added 2020/02/24 4:54 p.m.73 views

CVE-2012-0785

Jenkins Hash DoS (CVE-2012-0785): Affected products are Jenkins versions before 1.447, LTS before 1.424.2, and CloudBees Enterprise 1.424.x before 1.424.2.1 or 1.400.x before 1.400.0.11. The vulnerability involves a hash collision that could allow remote attackers to cause substantial CPU load. N...

7.8CVSS7.3AI score0.03351EPSS
CVE
CVE
added 2013/02/24 10:0 p.m.72 views

CVE-2012-6074

The CVE-2012-6074 entry concerns a Cross-site scripting (XSS) vulnerability in Jenkins. Affected versions include Jenkins before 1.491, Jenkins LTS before 1.480.1, and Jenkins Enterprise 1.424.x before 1.424.6.13, 1.447.x before 1.447.4.1, and 1.466.x before 1.466.10.1. The root cause is an XSS f...

3.5CVSS5.2AI score0.01424EPSS
CVE
CVE
added 2012/03/09 11:0 a.m.66 views

CVE-2012-0325

Affected software: Jenkins core (org.jenkins-ci.main:jenkins-core). Vulnerable versions include Jenkins before 1.454, Jenkins LTS before 1.424.5, and Jenkins Enterprise 1.400.x before 1.400.0.13 and 1.424.x before 1.424.5.1. Root cause: cross-site scripting (XSS) vulnerability allowing a remote a...

4.3CVSS5.6AI score0.01137EPSS
CVE
CVE
added 2012/03/09 11:0 a.m.62 views

CVE-2012-0324

CVE-2012-0324 is an XSS vulnerability in Jenkins core prior to versions 1.454, 1.424.5 (LTS), and Enterprise 1.400.x before 1.400.0.13 and 1.424.x before 1.424.5.1. The issue arises from an improper handling/escaping that allows remote attackers to inject arbitrary web script or HTML via unspecif...

4.3CVSS5.6AI score0.01137EPSS