CVE-2013-0331

Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to cause a denial of service via a crafted payload.

Published Bysecalert@redhat.com

Published DateMar 19, 2013, 14:55

Affected Versions(2)

org.jenkins-ci.main:jenkins-core(Maven)

Introduced1.481

Fixed1.502

LimitN/A

org.jenkins-ci.main:jenkins-core(Maven)

Introduced0

Fixed1.480.3

LimitN/A

Package (Ecosystem)	Introduced	Fixed	Limit
org.jenkins-ci.main:jenkins-core(Maven)	1.481	1.502	N/A
org.jenkins-ci.main:jenkins-core(Maven)	0	1.480.3	N/A

Weakness Type (CWE):CWE-20

CVSS Metrics

Base Score

Vector String

AV:N/AC:L/Au:S/C:N/I:N/A:P

Base Severity

Version

2.0

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality (C)

NONE

Integrity (I)

NONE

Availability (A)

PARTIAL

References

Weakness Type (CWE):CWE-20

CVSS Metrics

Base Score

Vector String

AV:N/AC:L/Au:S/C:N/I:N/A:P

Base Severity

Version

2.0

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality (C)

NONE

Integrity (I)

NONE

Availability (A)

PARTIAL