Lucene search

K

Veracode Vulnerability DatabaseVERACODE:16648

HistoryMay 02, 2019 - 5:21 a.m.

CSRF Protection Bypass

2019-05-0205:21:21

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

10

0.002 Low

EPSS

Percentile

54.2%

Jenkins bypasses CSRF Protection. It is possible because it uses a publicly accessible salt to generate CSRF protection tokens, allows an attacker to a brute force the protection mechanism to bypass it. .

CPENameOperatorVersion
nodejs-stream-combinereq0.2.1__1.el7
nodejs-througheq2.3.4__2.el7
nodejs-read-all-streameq1.0.2__1.el7
nodejs-readdirpeq0.4.0__1.el7
nodejs-osenveq0.0.3__5.el7
nodejs-optimisteq0.4.0__1.el7
nodejs-pause-streameq0.0.11__1.el7
atomic-openshifteq3.1.0.4__1.git.15.5e061c3.el7aos
atomic-openshifteq3.1.0.4__1.git.4.b6c7cd2.el7aos
atomic-openshifteq3.1.0.4__1.git.10.ec10652.el7aos

Rows per page:

1-10 of 3811

References

rhn.redhat.com/errata/RHSA-2016-0489.html

access.redhat.com/errata/RHSA-2016:0070

access.redhat.com/security/updates/classification/#important

bugzilla.redhat.com/show_bug.cgi?id=1243514

bugzilla.redhat.com/show_bug.cgi?id=1247523

bugzilla.redhat.com/show_bug.cgi?id=1254880

bugzilla.redhat.com/show_bug.cgi?id=1256869

bugzilla.redhat.com/show_bug.cgi?id=1268478

bugzilla.redhat.com/show_bug.cgi?id=1273739

bugzilla.redhat.com/show_bug.cgi?id=1277329

bugzilla.redhat.com/show_bug.cgi?id=1277383

bugzilla.redhat.com/show_bug.cgi?id=1277608

bugzilla.redhat.com/show_bug.cgi?id=1278232

bugzilla.redhat.com/show_bug.cgi?id=1278630

bugzilla.redhat.com/show_bug.cgi?id=1279404

bugzilla.redhat.com/show_bug.cgi?id=1279744

bugzilla.redhat.com/show_bug.cgi?id=1279925

bugzilla.redhat.com/show_bug.cgi?id=1280216

bugzilla.redhat.com/show_bug.cgi?id=1280497

bugzilla.redhat.com/show_bug.cgi?id=1282426

bugzilla.redhat.com/show_bug.cgi?id=1282738

bugzilla.redhat.com/show_bug.cgi?id=1283952

bugzilla.redhat.com/show_bug.cgi?id=1284506

bugzilla.redhat.com/show_bug.cgi?id=1287414

bugzilla.redhat.com/show_bug.cgi?id=1287943

bugzilla.redhat.com/show_bug.cgi?id=1288014

bugzilla.redhat.com/show_bug.cgi?id=1289603

bugzilla.redhat.com/show_bug.cgi?id=1289965

bugzilla.redhat.com/show_bug.cgi?id=1290643

bugzilla.redhat.com/show_bug.cgi?id=1290967

bugzilla.redhat.com/show_bug.cgi?id=1292621

bugzilla.redhat.com/show_bug.cgi?id=1293251

bugzilla.redhat.com/show_bug.cgi?id=1293252

bugzilla.redhat.com/show_bug.cgi?id=1293829

bugzilla.redhat.com/show_bug.cgi?id=1293877

bugzilla.redhat.com/show_bug.cgi?id=1294115

bugzilla.redhat.com/show_bug.cgi?id=1294798

bugzilla.redhat.com/show_bug.cgi?id=1296457

rhn.redhat.com/errata/RHSA-2016-0070.html

wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11

0.002 Low

EPSS

Percentile

54.2%

Related for VERACODE:16648

cvelist1 cve1 ubuntucve1 nvd1 prion1 fedora4 nessus4 openvas3 archlinux1 redhat3 veracode11