| Max CVSS | 3.5 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-2220 | 3.5 |
Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape the agent name in the build time trend page, resulting in a stored cross-site scripting vulnerability.
|
25-10-2023 - 18:16 | 15-07-2020 - 18:15 | |
| CVE-2020-2222 | 3.5 |
Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape the job name in the 'Keep this build forever' badge tooltip, resulting in a stored cross-site scripting vulnerability.
|
25-10-2023 - 18:16 | 15-07-2020 - 18:15 | |
| CVE-2020-2223 | 3.5 |
Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape correctly the 'href' attribute of links to downstream jobs displayed in the build console page, resulting in a stored cross-site scripting vulnerability.
|
25-10-2023 - 18:16 | 15-07-2020 - 18:15 | |
| CVE-2020-2221 | 3.5 |
Jenkins 2.244 and earlier, LTS 2.235.1 and earlier does not escape the upstream job's display name shown as part of a build cause, resulting in a stored cross-site scripting vulnerability.
|
25-10-2023 - 18:16 | 15-07-2020 - 18:15 | |
| CVE-2020-8557 | 2.1 |
The Kubernetes kubelet component in versions 1.1-1.16.12, 1.17.0-1.17.8 and 1.18.0-1.18.5 do not account for disk usage by a pod which writes to its own /etc/hosts file. The /etc/hosts file mounted in a pod by kubelet is not included by the kubelet e
|
27-01-2023 - 20:35 | 23-07-2020 - 17:15 |