Lucene search
Jenkins Google Kubernetes Engine Plugin Security Vulnerabilities
cve
Jenkins Google Kubernetes Engine Plugin 0.8.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution...
8.8CVSS
8.9AI Score
0.011EPSS
2020-02-12 03:15 PM
36
cve
A missing permission check in Jenkins Google Kubernetes Engine Plugin 0.7.0 and earlier allowed attackers with Overall/Read permission to obtain limited information about the scope of a credential with an attacker-specified credentials...
4.3CVSS
4.2AI Score
0.001EPSS
2019-10-16 02:15 PM
40
cve
Jenkins Google Kubernetes Engine Plugin 0.6.2 and earlier created a temporary file containing a temporary access token in the project workspace, where it could be accessed by users with Job/Read...
4.3CVSS
4.5AI Score
0.001EPSS
2019-07-31 01:15 PM
26