| Max CVSS | 5.0 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-2309 | 4.0 |
A missing/An incorrect permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.
|
25-10-2023 - 18:16 | 04-11-2020 - 15:15 | |
| CVE-2020-2306 | 4.0 |
A missing permission check in Jenkins Mercurial Plugin 2.11 and earlier allows attackers with Overall/Read permission to obtain a list of names of configured Mercurial installations.
|
25-10-2023 - 18:16 | 04-11-2020 - 15:15 | |
| CVE-2020-2308 | 4.0 |
A missing permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to list global pod template names.
|
25-10-2023 - 18:16 | 04-11-2020 - 15:15 | |
| CVE-2020-2304 | 4.0 |
Jenkins Subversion Plugin 2.13.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
|
25-10-2023 - 18:16 | 04-11-2020 - 15:15 | |
| CVE-2020-2305 | 4.0 |
Jenkins Mercurial Plugin 2.11 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
|
25-10-2023 - 18:16 | 04-11-2020 - 15:15 | |
| CVE-2020-2307 | 4.0 |
Jenkins Kubernetes Plugin 1.27.3 and earlier allows low-privilege users to access possibly sensitive Jenkins controller environment variables.
|
25-10-2023 - 18:16 | 04-11-2020 - 15:15 | |
| CVE-2020-28362 | 5.0 |
Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service.
|
30-11-2021 - 22:07 | 18-11-2020 - 17:15 |