Vulnerabilities > Jenkins > Jenkins > 1.483
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-10-17 | CVE-2014-2060 | Unspecified vulnerability in Jenkins The Winstone servlet container in Jenkins before 1.551 and LTS before 1.532.2 allows remote attackers to hijack sessions via unspecified vectors. | 5.0 |
| 2014-10-17 | CVE-2014-2058 | Permissions, Privileges, and Access Controls vulnerability in Jenkins BuildTrigger in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to bypass access restrictions and execute arbitrary jobs by configuring a job to trigger another job. | 6.5 |
| 2014-10-17 | CVE-2013-7330 | Permissions, Privileges, and Access Controls vulnerability in Jenkins Jenkins before 1.502 allows remote authenticated users to configure an otherwise restricted project via vectors related to post-build actions. | 4.0 |
| 2014-10-16 | CVE-2014-3666 | Code Injection vulnerability in multiple products Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to execute arbitrary code via a crafted packet to the CLI channel. | 7.5 |
| 2014-03-01 | CVE-2014-2067 | Cross-Site Scripting vulnerability in Jenkins Cross-site scripting (XSS) vulnerability in java/hudson/model/Cause.java in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to inject arbitrary web script or HTML via a "remote cause note." | 3.5 |
| 2014-03-01 | CVE-2014-2059 | Path Traversal vulnerability in Jenkins Directory traversal vulnerability in the CLI job creation (hudson/cli/CreateJobCommand.java) in Jenkins before 1.551 and LTS before 1.532.2 allows remote authenticated users to overwrite arbitrary files via the job name. | 6.5 |
| 2013-03-19 | CVE-2013-0331 | Improper Input Validation vulnerability in Jenkins Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to cause a denial of service via a crafted payload. | 4.0 |
| 2013-03-19 | CVE-2013-0330 | Security Bypass vulnerability in Jenkins Unspecified vulnerability in Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to build arbitrary jobs via unknown attack vectors. | 4.0 |