| Max CVSS | 10.0 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2020-2321 | 5.8 |
A cross-site request forgery (CSRF) vulnerability in Jenkins Shelve Project Plugin 3.0 and earlier allows attackers to shelve, unshelve, or delete a project.
|
03-11-2023 - 17:46 | 03-12-2020 - 16:15 | |
| CVE-2020-2324 | 5.0 |
Jenkins CVS Plugin 2.16 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
|
25-10-2023 - 18:16 | 03-12-2020 - 16:15 | |
| CVE-2020-2320 | 10.0 |
Jenkins Plugin Installation Manager Tool 2.1.3 and earlier does not verify plugin downloads.
|
25-10-2023 - 18:16 | 03-12-2020 - 16:15 | |
| CVE-2020-2323 | 5.0 |
Jenkins Chaos Monkey Plugin 0.4 and earlier does not perform permission checks in an HTTP endpoint, allowing attackers with Overall/Read permission to access the Chaos Monkey page and to see the history of actions.
|
25-10-2023 - 18:16 | 03-12-2020 - 16:15 | |
| CVE-2020-2322 | 5.0 |
Jenkins Chaos Monkey Plugin 0.3 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to generate load and to generate memory leaks.
|
25-10-2023 - 18:16 | 03-12-2020 - 16:15 |