VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-ka2b-nyb7-s3c7

Essentials
Severities (25)
References (13)
Severity details (10)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-ka2b-nyb7-s3c7
Aliases	CVE-2013-0329 GHSA-78cj-2m29-q5r9
Summary	Cross-Site Request Forgery (CSRF) Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote attackers to bypass the CSRF protection mechanism via unknown attack vectors.
Status	Published
Exploitability	0.5
Weighted Severity	6.8
Risk	3.4
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-352	Cross-Site Request Forgery (CSRF)
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
generic_textual	MODERATE	http://rhn.redhat.com/errata/RHSA-2013-0638.html
generic_textual	MODERATE	https://access.redhat.com/errata/RHSA-2013:0638
generic_textual	MODERATE	https://access.redhat.com/security/cve/CVE-2013-0329
epss	0.00205	https://api.first.org/data/v1/epss?cve=CVE-2013-0329
epss	0.00205	https://api.first.org/data/v1/epss?cve=CVE-2013-0329
epss	0.00205	https://api.first.org/data/v1/epss?cve=CVE-2013-0329
epss	0.00205	https://api.first.org/data/v1/epss?cve=CVE-2013-0329
epss	0.00205	https://api.first.org/data/v1/epss?cve=CVE-2013-0329
epss	0.00205	https://api.first.org/data/v1/epss?cve=CVE-2013-0329
epss	0.00205	https://api.first.org/data/v1/epss?cve=CVE-2013-0329
epss	0.00205	https://api.first.org/data/v1/epss?cve=CVE-2013-0329
epss	0.00205	https://api.first.org/data/v1/epss?cve=CVE-2013-0329
epss	0.00205	https://api.first.org/data/v1/epss?cve=CVE-2013-0329
epss	0.00205	https://api.first.org/data/v1/epss?cve=CVE-2013-0329
epss	0.00205	https://api.first.org/data/v1/epss?cve=CVE-2013-0329
epss	0.00205	https://api.first.org/data/v1/epss?cve=CVE-2013-0329
epss	0.00205	https://api.first.org/data/v1/epss?cve=CVE-2013-0329
epss	0.00205	https://api.first.org/data/v1/epss?cve=CVE-2013-0329
generic_textual	MODERATE	https://bugzilla.redhat.com/show_bug.cgi?id=914877
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-78cj-2m29-q5r9
cvssv2	7.5	https://nvd.nist.gov/vuln/detail/CVE-2013-0329
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2013-0329
generic_textual	MODERATE	https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16
generic_textual	MODERATE	http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb
generic_textual	MODERATE	http://www.openwall.com/lists/oss-security/2013/02/21/7

Reference id	Reference type	URL
		http://rhn.redhat.com/errata/RHSA-2013-0638.html
		https://access.redhat.com/errata/RHSA-2013:0638
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-0329.json
		https://api.first.org/data/v1/epss?cve=CVE-2013-0329
		https://bugzilla.redhat.com/show_bug.cgi?id=914877
		https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-02-16
		http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-02-16.cb
		http://www.openwall.com/lists/oss-security/2013/02/21/7
cpe:2.3:a:jenkins:jenkins::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins::::::::
cpe:2.3:a:jenkins:jenkins:::::lts:::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:jenkins:jenkins:::::lts:::*
CVE-2013-0329		https://access.redhat.com/security/cve/CVE-2013-0329
CVE-2013-0329		https://nvd.nist.gov/vuln/detail/CVE-2013-0329
GHSA-78cj-2m29-q5r9		https://github.com/advisories/GHSA-78cj-2m29-q5r9

No exploits are available.

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2013-0329

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Exploit Prediction Scoring System (EPSS)

Percentile	0.42569
EPSS Score	0.00205
Published At	April 1, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T12:50:03.493400+00:00	GitLab Importer	Import	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/org.jenkins-ci.main/jenkins-core/CVE-2013-0329.yml	38.0.0