CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Jenkins: >> Mac >> 1.0 Security Vulnerabilities

CVE-2020-2146

Jenkins Mac Plugin 1.1.0 and earlier does not validate SSH host keys when connecting agents created by the plugin, enabling man-in-the-middle attacks.

CVSS Score

7.4

EPSS Score

0.0

Published

2020-03-09

CVE-2020-2147

A cross-site request forgery vulnerability in Jenkins Mac Plugin 1.1.0 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials.

CVSS Score

4.3

EPSS Score

0.003

Published

2020-03-09

CVE-2020-2148

A missing permission check in Jenkins Mac Plugin 1.1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials.

CVSS Score

4.3

EPSS Score

0.001

Published

2020-03-09

Page 1

Vulnerabilities

Vulnerable Software

Jenkins: >> Mac >> 1.0 Security Vulnerabilities

Products

Pricing

Contact Us