CVE-2013-0330 – org.jenkins-ci.main:jenkins-core

Package

Manager: maven
Name: org.jenkins-ci.main:jenkins-core
Vulnerable Version: >=1.481 <1.502 || >=0 <1.480.3

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

EPSS: 0.003 pctl0.52764

Details

Jenkins allows Remote Users to Build Arbitrary Jobs Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to build arbitrary jobs via unknown attack vectors.

Metadata

Created: 2022-05-05T02:48:48Z
Modified: 2025-03-13T17:45:33Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-25c5-58xw-hw5q/GHSA-25c5-58xw-hw5q.json
CWE IDs: ["CWE-284"]
Alternative ID: GHSA-25c5-58xw-hw5q
Finding: F039
Auto approve: 1