Django REST framework

Lookup for vulnerabilities affecting packages.

Vulnerability_id VCID-jwfm-58dk-v7da

Summary

Jenkins Vulnerable to Denial of Service (DoS) via Crafted Payload
Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to cause a denial of service via a crafted payload.

Aliases

alias	CVE-2013-0331

alias	GHSA-5c56-g5cq-4gj9

Fixed_packages

url	pkg:maven/org.jenkins-ci.main/jenkins-core@1.480.3
purl	pkg:maven/org.jenkins-ci.main/jenkins-core@1.480.3
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.480.3

url	pkg:maven/org.jenkins-ci.main/jenkins-core@1.502
purl	pkg:maven/org.jenkins-ci.main/jenkins-core@1.502
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.502

Affected_packages

References

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=914879
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=914879

reference_url	https://github.com/jenkinsci/jenkins
reference_id
reference_type
scores
url	https://github.com/jenkinsci/jenkins

reference_url	https://web.archive.org/web/20200229023853/http://www.securityfocus.com/bid/57994
reference_id
reference_type
scores
url	https://web.archive.org/web/20200229023853/http://www.securityfocus.com/bid/57994

reference_url	https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16
reference_id
reference_type
scores
url	https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2013-0331
reference_id	CVE-2013-0331
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2013-0331

reference_url	https://github.com/advisories/GHSA-5c56-g5cq-4gj9
reference_id	GHSA-5c56-g5cq-4gj9
reference_type
scores
url	https://github.com/advisories/GHSA-5c56-g5cq-4gj9

Weaknesses

cwe_id	20
name	Improper Input Validation
description	The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

cwe_id	937
name	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013.

cwe_id	1035
name	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
description	Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017.

Exploits

Severity_range_score null

Exploitability null

Weighted_severity null

Risk_score null

Resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jwfm-58dk-v7da

Vulnerability Instance