Lucene search
JenkinsCVELIST:CVE-2020-2160HistoryMar 25, 2020 - 4:05 p.m.
CVE-2020-2160
2020-03-2516:05:34
jenkins
www.cve.org
1
Jenkins 2.227 and earlier, LTS 2.204.5 and earlier uses different representations of request URL paths, which allows attackers to craft URLs that allow bypassing CSRF protection of any target URL.
CNA Affected
[
{
"product": "Jenkins",
"vendor": "Jenkins project",
"versions": [
{
"lessThanOrEqual": "2.227",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThanOrEqual": "LTS 2.204.5",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
osv
osv
Cross-Site Request Forgery in Jenkins
2022-05-24 17:12:40
CVE-2020-2160
2020-03-25 17:15:14
BIT-jenkins-2020-2160
2024-03-06 11:06:01
github
github
Cross-Site Request Forgery in Jenkins
2022-05-24 17:12:40
cve
cve
CVE-2020-2160
2020-03-25 17:15:14
redhatcve
redhatcve
CVE-2020-2160
2021-08-15 11:34:50
veracode
veracode
Cross-site Request Forgery (CSRF)
2020-07-04 03:14:58
nvd
nvd
CVE-2020-2160
2020-03-25 17:15:14
alpinelinux
alpinelinux
CVE-2020-2160
2020-03-25 17:15:14
prion
prion
Cross site request forgery (csrf)
2020-03-25 17:15:00
openvas
openvas
Jenkins < 2.228, < 2.204.6 LTS Multiple Vulnerabilities - Windows
2020-03-26 00:00:00
Jenkins < 2.228, < 2.204.6 LTS Multiple Vulnerabilities - Linux
2020-03-26 00:00:00
nessus
nessus
FreeBSD : jenkins -- multiple vulnerabilities (5bf6ed6d-9002-4f43-ad63-458f59e45384)
2020-03-26 00:00:00
Jenkins < (2.204.6 / 2.222.1) LTS / 2.228 Multiple Vulnerabilities
2020-04-02 00:00:00
freebsd
freebsd
jenkins -- multiple vulnerabilities
2020-03-25 00:00:00