Max CVSS | 5.8 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2020-2255 | 4.0 |
A missing permission check in Jenkins Blue Ocean Plugin 1.23.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL.
|
25-10-2023 - 18:16 | 16-09-2020 - 14:15 | |
CVE-2020-2252 | 5.8 |
Jenkins Mailer Plugin 1.32 and earlier does not perform hostname validation when connecting to the configured SMTP server.
|
25-10-2023 - 18:16 | 16-09-2020 - 14:15 | |
CVE-2020-2254 | 3.5 |
Jenkins Blue Ocean Plugin 1.23.2 and earlier provides an undocumented feature flag that, when enabled, allows an attacker with Job/Configure or Job/Create permission to read arbitrary files on the Jenkins controller file system.
|
25-10-2023 - 18:16 | 16-09-2020 - 14:15 |