Max CVSS 5.8 Min CVSS 3.5 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2020-2252 5.8
Jenkins Mailer Plugin 1.32 and earlier does not perform hostname validation when connecting to the configured SMTP server.
18-09-2020 - 13:57 16-09-2020 - 14:15
CVE-2020-2254 3.5
Jenkins Blue Ocean Plugin 1.23.2 and earlier provides an undocumented feature flag that, when enabled, allows an attacker with Job/Configure or Job/Create permission to read arbitrary files on the Jenkins controller file system.
18-09-2020 - 13:39 16-09-2020 - 14:15
CVE-2020-2255 4.0
A missing permission check in Jenkins Blue Ocean Plugin 1.23.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL.
18-09-2020 - 13:29 16-09-2020 - 14:15
Back to Top Mark selected
Back to Top