| Max CVSS | 5.0 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-2182 | 4.0 |
Jenkins Credentials Binding Plugin 1.22 and earlier does not mask (i.e., replace with asterisks) secrets containing a `$` character in some circumstances.
|
25-10-2023 - 18:16 | 06-05-2020 - 13:15 | |
| CVE-2020-2226 | 3.5 |
Jenkins Matrix Authorization Strategy Plugin 2.6.1 and earlier does not escape user names shown in the configuration, resulting in a stored cross-site scripting vulnerability.
|
25-10-2023 - 18:16 | 15-07-2020 - 18:15 | |
| CVE-2020-2225 | 3.5 |
Jenkins Matrix Project Plugin 1.16 and earlier does not escape the axis names shown in tooltips on the overview page of builds with multiple axes, resulting in a stored cross-site scripting vulnerability.
|
25-10-2023 - 18:16 | 15-07-2020 - 18:15 | |
| CVE-2020-2181 | 4.0 |
Jenkins Credentials Binding Plugin 1.22 and earlier does not mask (i.e., replace with asterisks) secrets in the build log when the build contains no build steps.
|
25-10-2023 - 18:16 | 06-05-2020 - 13:15 | |
| CVE-2020-2224 | 3.5 |
Jenkins Matrix Project Plugin 1.16 and earlier does not escape the node names shown in tooltips on the overview page of builds with a single axis, resulting in a stored cross-site scripting vulnerability.
|
25-10-2023 - 18:16 | 15-07-2020 - 18:15 | |
| CVE-2020-13757 | 5.0 |
Python-RSA before 4.1 ignores leading '\0' bytes during decryption of ciphertext. This could conceivably have a security-relevant impact, e.g., by helping an attacker to infer that an application uses Python-RSA, or if the length of accepted cipherte
|
01-03-2023 - 03:09 | 01-06-2020 - 19:15 |