CVE-2013-7330
First published: Fri Oct 17 2014(Updated: )
Jenkins before 1.502 allows remote authenticated users to configure an otherwise restricted project via vectors related to post-build actions.
Credit: security@debian.org security@debian.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Jenkins Jenkins | <=1.501 | |
| maven/org.jenkins-ci.main:jenkins-core | <1.480.3 | 1.480.3 |
| maven/org.jenkins-ci.main:jenkins-core | >=1.481<1.502 | 1.502 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.openwall.com/lists/oss-security/2014/02/21/2
- https://github.com/jenkinsci/jenkins/commit/36342d71e29e0620f803a7470ce96c61761648d8
- https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2014-02-14
- https://nvd.nist.gov/vuln/detail/CVE-2013-7330
- https://github.com/jenkinsci/jenkins/commit/757bc8a53956e6fbab267214e6e0896f03c3c262
- https://github.com/advisories/GHSA-h5jv-hg68-mjhg (Advisory)
- collector/nvd-index
- agent/type
- agent/first-publish-date
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-h5jv-hg68-mjhg
- alias/CVE-2013-7330
- agent/software-canonical-lookup
- agent/remedy
- agent/severity
- agent/last-modified-date
- agent/references
- agent/weakness
- agent/softwarecombine
- agent/description
- agent/event
- collector/nvd-cve
- source/NVD
- agent/author
- collector/github-advisory
- agent/trending
- agent/tags
- agent/source
- vendor/jenkins
- canonical/jenkins jenkins
- version/jenkins jenkins/1.501
- package-manager/maven