CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Jenkins: >> Perfecto >> 1.16 Security Vulnerabilities

CVE-2020-2260

A missing permission check in Jenkins Perfecto Plugin 1.17 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL using attacker-specified credentials.

CVSS Score

4.3

EPSS Score

0.0

Published

2020-09-16

CVE-2020-2261

Jenkins Perfecto Plugin 1.17 and earlier executes a command on the Jenkins controller, allowing attackers with Job/Configure permission to run arbitrary commands on the Jenkins controller

CVSS Score

8.8

EPSS Score

0.002

Published

2020-09-16

Page 1

Vulnerabilities

Vulnerable Software

Jenkins: >> Perfecto >> 1.16 Security Vulnerabilities

Products

Pricing

Contact Us