Max CVSS 6.0 Min CVSS 3.5 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2020-15586 4.3
Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, because it reads a request body and writes a response at the same time.
14-06-2021 - 18:15 17-07-2020 - 16:15
CVE-2020-16845 5.0
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.
14-06-2021 - 18:15 06-08-2020 - 18:15
CVE-2020-16845 5.0
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.
24-09-2020 - 12:15 06-08-2020 - 18:15
CVE-2020-8559 6.0
The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.6 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise
10-08-2020 - 12:15 22-07-2020 - 14:15
CVE-2020-2226 3.5
Jenkins Matrix Authorization Strategy Plugin 2.6.1 and earlier does not escape user names shown in the configuration, resulting in a stored cross-site scripting vulnerability.
22-07-2020 - 16:37 15-07-2020 - 18:15
CVE-2020-2224 3.5
Jenkins Matrix Project Plugin 1.16 and earlier does not escape the node names shown in tooltips on the overview page of builds with a single axis, resulting in a stored cross-site scripting vulnerability.
21-07-2020 - 16:29 15-07-2020 - 18:15
CVE-2020-2225 3.5
Jenkins Matrix Project Plugin 1.16 and earlier does not escape the axis names shown in tooltips on the overview page of builds with multiple axes, resulting in a stored cross-site scripting vulnerability.
21-07-2020 - 16:27 15-07-2020 - 18:15
CVE-2020-2181 4.0
Jenkins Credentials Binding Plugin 1.22 and earlier does not mask (i.e., replace with asterisks) secrets in the build log when the build contains no build steps.
11-05-2020 - 20:44 06-05-2020 - 13:15
CVE-2020-2182 4.0
Jenkins Credentials Binding Plugin 1.22 and earlier does not mask (i.e., replace with asterisks) secrets containing a `$` character in some circumstances.
11-05-2020 - 20:36 06-05-2020 - 13:15
Back to Top Mark selected
Back to Top