Lucene search
RedhatCVELIST:CVE-2016-0791HistoryApr 07, 2016 - 11:00 p.m.
CVE-2016-0791
2016-04-0723:00:00
redhat
www.cve.org
6
Jenkins before 1.650 and LTS before 1.642.2 do not use a constant-time algorithm to verify CSRF tokens, which makes it easier for remote attackers to bypass a CSRF protection mechanism via a brute-force approach.
Related
cve
cve
CVE-2016-0791
2016-04-07 23:59:02
osv
osv
Exposure of Sensitive Information in Jenkins Core
2022-05-14 03:58:15
prion
prion
Cross site request forgery (csrf)
2016-04-07 23:59:00
veracode
veracode
Timing Attack
2019-05-02 05:29:28
ubuntucve
ubuntucve
CVE-2016-0791
2016-04-07 00:00:00
nvd
nvd
CVE-2016-0791
2016-04-07 23:59:02
github
github
Exposure of Sensitive Information in Jenkins Core
2022-05-14 03:58:15
freebsd
freebsd
jenkins -- multiple vulnerabilities
2016-02-24 00:00:00
nessus
nessus
FreeBSD : jenkins -- multiple vulnerabilities (7e01df39-db7e-11e5-b937-00e0814cab4e)
2016-02-25 00:00:00
RHEL 7 : jenkins (RHSA-2016:0711)
2018-12-04 00:00:00
redhat
redhat
openvas
openvas
Fedora Update for jenkins FEDORA-2016-641
2016-03-18 00:00:00
Fedora Update for jenkins-remoting FEDORA-2016-0
2016-03-18 00:00:00
Jenkins Multiple Vulnerabilities (Feb 2016) - Linux
2016-05-20 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: jenkins-1.625.3-3.fc23
2016-03-17 21:00:40
[SECURITY] Fedora 22 Update: jenkins-1.609.3-6.fc22
2016-03-17 21:25:57
[SECURITY] Fedora 23 Update: jenkins-remoting-2.53.3-1.fc23
2016-03-17 21:00:40