| Max CVSS | 4.0 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-2198 | 4.0 |
Jenkins Project Inheritance Plugin 19.08.02 and earlier does not redact encrypted secrets in the 'getConfigAsXML' API URL when transmitting job config.xml data to users without Job/Configure.
|
25-10-2023 - 18:16 | 03-06-2020 - 13:15 | |
| CVE-2020-2197 | 4.0 |
Jenkins Project Inheritance Plugin 19.08.02 and earlier does not require users to have Job/ExtendedRead permission to access Inheritance Project job configurations in XML format.
|
25-10-2023 - 18:16 | 03-06-2020 - 13:15 |