Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.jenkins-ci.main/jenkins-core@1.513

Type maven

Namespace org.jenkins-ci.main

Name jenkins-core

Version 1.513

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 1.514

Latest_non_vulnerable_version 2.555

Affected_by_vulnerabilities

url VCID-hx86-64zz-8bds

vulnerability_id VCID-hx86-64zz-8bds

summary

Jenkins Cross-Site Request Forgery vulnerabilities
Multiple cross-site request forgery (CSRF) vulnerabilities in Jenkins before 1.514, LTS before 1.509.1, and Enterprise 1.466.x before 1.466.14.1 and 1.480.x before 1.480.4.1 allow remote attackers to hijack the authentication of administrators for requests that (1) execute arbitrary code or (2) initiate deployment of binaries to a Maven repository via unspecified vectors.

references

reference_url

https://access.redhat.com/errata/RHEA-2013:1032

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHEA-2013:1032

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2034.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2034.json

reference_url

https://access.redhat.com/security/cve/CVE-2013-2034

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2013-2034

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-2034

reference_id

reference_type

scores

value	0.00332
scoring_system	epss
scoring_elements	0.56378
published_at	2026-06-05T12:55:00Z

value	0.00332
scoring_system	epss
scoring_elements	0.56322
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-2034

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=958958

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=958958

reference_url

https://issues.jenkins-ci.org/browse/SECURITY-63

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.jenkins-ci.org/browse/SECURITY-63

reference_url

https://issues.jenkins-ci.org/browse/SECURITY-69

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.jenkins-ci.org/browse/SECURITY-69

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-2034

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2013-2034

reference_url

https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-05-02

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-05-02

reference_url

http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb

reference_url	https://github.com/advisories/GHSA-fg4r-f9j2-36mw
reference_id	GHSA-fg4r-f9j2-36mw
reference_type
scores
url	https://github.com/advisories/GHSA-fg4r-f9j2-36mw

fixed_packages

url	pkg:maven/org.jenkins-ci.main/jenkins-core@1.514
purl	pkg:maven/org.jenkins-ci.main/jenkins-core@1.514
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.514

aliases CVE-2013-2034, GHSA-fg4r-f9j2-36mw

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hx86-64zz-8bds

url VCID-z5ed-ujrf-2ka2

vulnerability_id VCID-z5ed-ujrf-2ka2

summary

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2013-2033 Jenkins: Build Description XSS

references

reference_url

https://access.redhat.com/errata/RHEA-2013:1032

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/errata/RHEA-2013:1032

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2033.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-2033.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2013-2033

reference_id

reference_type

scores

value	0.00178
scoring_system	epss
scoring_elements	0.39046
published_at	2026-06-04T12:55:00Z

value	0.00178
scoring_system	epss
scoring_elements	0.39134
published_at	2026-06-05T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2013-2033

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=958957

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=958957

reference_url

https://exchange.xforce.ibmcloud.com/vulnerabilities/84004

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://exchange.xforce.ibmcloud.com/vulnerabilities/84004

reference_url

https://issues.jenkins-ci.org/browse/SECURITY-67

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.jenkins-ci.org/browse/SECURITY-67

reference_url

https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-05-02

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-05-02

reference_url

http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb

reference_id

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-05-02.cb

reference_url

https://access.redhat.com/security/cve/CVE-2013-2033

reference_id

CVE-2013-2033

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://access.redhat.com/security/cve/CVE-2013-2033

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2013-2033

reference_id

CVE-2013-2033

reference_type

scores

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2013-2033

reference_url	https://github.com/advisories/GHSA-826f-32qm-vm3j
reference_id	GHSA-826f-32qm-vm3j
reference_type
scores
url	https://github.com/advisories/GHSA-826f-32qm-vm3j

fixed_packages

url	pkg:maven/org.jenkins-ci.main/jenkins-core@1.514
purl	pkg:maven/org.jenkins-ci.main/jenkins-core@1.514
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.514

aliases CVE-2013-2033, GHSA-826f-32qm-vm3j

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z5ed-ujrf-2ka2

Fixing_vulnerabilities

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jenkins-ci.main/jenkins-core@1.513

Package Instance