Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-ntb4-3udv-s7fv

Summary

Jenkins Vulnerable to Denial of Service (DoS) via Crafted Payload
Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to cause a denial of service via a crafted payload.

Aliases

alias	CVE-2013-0331

alias	GHSA-5c56-g5cq-4gj9

Fixed_packages

url	pkg:maven/org.jenkins-ci.main/jenkins-core@1.480.3
purl	pkg:maven/org.jenkins-ci.main/jenkins-core@1.480.3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.480.3

url	pkg:maven/org.jenkins-ci.main/jenkins-core@1.502
purl	pkg:maven/org.jenkins-ci.main/jenkins-core@1.502
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.502

Affected_packages

url pkg:maven/org.jenkins-ci.main/jenkins-core@1.481

purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.481

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-4e6j-926u-kbhz

vulnerability	VCID-59k5-93zx-17dn

vulnerability	VCID-b4dc-bc34-jfdz

vulnerability	VCID-e9c4-wjkd-4kgp

vulnerability	VCID-ka2b-nyb7-s3c7

vulnerability	VCID-kwt4-b76w-tfas

vulnerability	VCID-napq-s84t-dfct

vulnerability	VCID-ntb4-3udv-s7fv

vulnerability	VCID-ruc8-365z-b7fr

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.481

url pkg:rpm/redhat/jenkins@1.502-1?arch=el6op

purl pkg:rpm/redhat/jenkins@1.502-1?arch=el6op

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-35e6-cpn8-w7h1

vulnerability	VCID-59k5-93zx-17dn

vulnerability	VCID-9wdu-x7wy-tkf4

vulnerability	VCID-ka2b-nyb7-s3c7

vulnerability	VCID-kwt4-b76w-tfas

vulnerability	VCID-ntb4-3udv-s7fv

vulnerability	VCID-y12d-fjpf-uubh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/jenkins@1.502-1%3Farch=el6op

url pkg:rpm/redhat/openshift-origin-cartridge-jenkins-1.4@1.0.3-1?arch=el6op

purl pkg:rpm/redhat/openshift-origin-cartridge-jenkins-1.4@1.0.3-1?arch=el6op

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-35e6-cpn8-w7h1

vulnerability	VCID-59k5-93zx-17dn

vulnerability	VCID-9wdu-x7wy-tkf4

vulnerability	VCID-ka2b-nyb7-s3c7

vulnerability	VCID-kwt4-b76w-tfas

vulnerability	VCID-ntb4-3udv-s7fv

vulnerability	VCID-y12d-fjpf-uubh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/openshift-origin-cartridge-jenkins-1.4@1.0.3-1%3Farch=el6op

url pkg:rpm/redhat/ruby193-rubygem-rack@1:1.4.1-4?arch=el6

purl pkg:rpm/redhat/ruby193-rubygem-rack@1:1.4.1-4?arch=el6

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-35e6-cpn8-w7h1

vulnerability	VCID-59k5-93zx-17dn

vulnerability	VCID-9wdu-x7wy-tkf4

vulnerability	VCID-ka2b-nyb7-s3c7

vulnerability	VCID-kwt4-b76w-tfas

vulnerability	VCID-ntb4-3udv-s7fv

vulnerability	VCID-y12d-fjpf-uubh

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/ruby193-rubygem-rack@1:1.4.1-4%3Farch=el6

url pkg:rpm/redhat/rubygem-rack@1:1.3.0-4?arch=el6op

purl pkg:rpm/redhat/rubygem-rack@1:1.3.0-4?arch=el6op

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1r79-ts6t-hufh

vulnerability	VCID-35e6-cpn8-w7h1

vulnerability	VCID-59k5-93zx-17dn

vulnerability	VCID-5ey2-dm5w-y7a6

vulnerability	VCID-9wdu-x7wy-tkf4

vulnerability	VCID-c883-yge1-yygb

vulnerability	VCID-ka2b-nyb7-s3c7

vulnerability	VCID-kwt4-b76w-tfas

vulnerability	VCID-ntb4-3udv-s7fv

vulnerability	VCID-rrwv-dzq7-9ybd

vulnerability	VCID-s2ka-cp49-q3hz

vulnerability	VCID-vnm4-gfjh-8qa7

vulnerability	VCID-xenc-mfdw-mucm

vulnerability	VCID-y12d-fjpf-uubh

vulnerability	VCID-z46p-c93u-auav

resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/rubygem-rack@1:1.3.0-4%3Farch=el6op

References

reference_url

http://rhn.redhat.com/errata/RHSA-2013-0638.html

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://rhn.redhat.com/errata/RHSA-2013-0638.html

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0331.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0331.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-0331

reference_id

reference_type

scores

value	0.00395
scoring_system	epss
scoring_elements	0.60344
published_at	2026-04-13T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60363
published_at	2026-04-12T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60377
published_at	2026-04-11T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60356
published_at	2026-04-09T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.6034
published_at	2026-04-08T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60221
published_at	2026-04-01T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60297
published_at	2026-04-02T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60323
published_at	2026-04-04T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60291
published_at	2026-04-07T12:55:00Z

value	0.00395
scoring_system	epss
scoring_elements	0.60386
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-0331

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=914879

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=914879

reference_url

https://github.com/jenkinsci/jenkins

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/jenkinsci/jenkins

reference_url

https://web.archive.org/web/20200229023853/http://www.securityfocus.com/bid/57994

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://web.archive.org/web/20200229023853/http://www.securityfocus.com/bid/57994

reference_url

https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16

reference_url

http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb

reference_url

http://www.openwall.com/lists/oss-security/2013/02/21/7

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.openwall.com/lists/oss-security/2013/02/21/7

reference_url	http://www.securityfocus.com/bid/57994
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/57994

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins::::::::
reference_id	cpe:2.3:a:jenkins:jenkins::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:::::lts:::*
reference_id	cpe:2.3:a:jenkins:jenkins:::::lts:::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:::::lts:::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-0331

reference_id

CVE-2013-0331

reference_type

scores

value	4.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:S/C:N/I:N/A:P

value	5.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2013-0331

reference_url

https://github.com/advisories/GHSA-5c56-g5cq-4gj9

reference_id

GHSA-5c56-g5cq-4gj9

reference_type

scores

value	MODERATE
scoring_system	cvssv3.1_qr
scoring_elements

url

https://github.com/advisories/GHSA-5c56-g5cq-4gj9

Weaknesses

cwe_id	20
name	Improper Input Validation
description	The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

Exploits

Severity_range_score 4.0 - 6.9

Exploitability 0.5

Weighted_severity 6.2

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ntb4-3udv-s7fv

Vulnerability Instance