| Max CVSS | 6.5 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-2180 | 6.5 |
Jenkins AWS SAM Plugin 1.2.2 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.
|
25-10-2023 - 18:16 | 16-04-2020 - 19:15 | |
| CVE-2020-2178 | 5.5 |
Jenkins Parasoft Findings Plugin 10.4.3 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
|
25-10-2023 - 18:16 | 16-04-2020 - 19:15 | |
| CVE-2020-2179 | 6.5 |
Jenkins Yaml Axis Plugin 0.2.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.
|
25-10-2023 - 18:16 | 16-04-2020 - 19:15 | |
| CVE-2020-2177 | 4.0 |
Jenkins Copr Plugin 0.3 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.
|
25-10-2023 - 18:16 | 16-04-2020 - 19:15 |