exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2016-0791

почти 10 лет назад

Jenkins before 1.650 and LTS before 1.642.2 do not use a constant-time algorithm to verify CSRF tokens, which makes it easier for remote attackers to bypass a CSRF protection mechanism via a brute-force approach.

CVSS3: 9.8

EPSS: Низкий

CVE-2016-0791

почти 10 лет назад

Jenkins before 1.650 and LTS before 1.642.2 do not use a constant-time algorithm to verify CSRF tokens, which makes it easier for remote attackers to bypass a CSRF protection mechanism via a brute-force approach.

CVSS2: 3.6

EPSS: Низкий

CVE-2016-0791

почти 10 лет назад

Jenkins before 1.650 and LTS before 1.642.2 do not use a constant-time algorithm to verify CSRF tokens, which makes it easier for remote attackers to bypass a CSRF protection mechanism via a brute-force approach.

CVSS3: 9.8

EPSS: Низкий

CVE-2016-0791

почти 10 лет назад

Jenkins before 1.650 and LTS before 1.642.2 do not use a constant-time ...

CVSS3: 9.8

EPSS: Низкий

GHSA-jmw7-ph6p-33cc

больше 3 лет назад

Exposure of Sensitive Information in Jenkins Core

CVSS3: 9.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2016-0791 Jenkins before 1.650 and LTS before 1.642.2 do not use a constant-time algorithm to verify CSRF tokens, which makes it easier for remote attackers to bypass a CSRF protection mechanism via a brute-force approach.	CVSS3: 9.8	0% Низкий	почти 10 лет назад
CVE-2016-0791 Jenkins before 1.650 and LTS before 1.642.2 do not use a constant-time algorithm to verify CSRF tokens, which makes it easier for remote attackers to bypass a CSRF protection mechanism via a brute-force approach.	CVSS2: 3.6	0% Низкий	почти 10 лет назад
CVE-2016-0791 Jenkins before 1.650 and LTS before 1.642.2 do not use a constant-time algorithm to verify CSRF tokens, which makes it easier for remote attackers to bypass a CSRF protection mechanism via a brute-force approach.	CVSS3: 9.8	0% Низкий	почти 10 лет назад
CVE-2016-0791 Jenkins before 1.650 and LTS before 1.642.2 do not use a constant-time ...	CVSS3: 9.8	0% Низкий	почти 10 лет назад
GHSA-jmw7-ph6p-33cc Exposure of Sensitive Information in Jenkins Core	CVSS3: 9.8	0% Низкий	больше 3 лет назад

Уязвимостей на страницу