Lucene search
+L

7 matches found

vulnersOsv
vulnersOsv
added 2022/05/24 5:7 p.m.8 views

ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1591 more potentially affected by CVE-2020-2105 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.20)

org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2020-2105 Source advisory: OSV:GHSA-7XP8-7WQX-5HQX...

5.4CVSS5.8AI score0.0185EPSS
Exploits0
OpenVAS
OpenVAS
added 2020/02/04 12:0 a.m.64 views

Jenkins < 2.219, < 2.204.2 LTS Multiple Vulnerabilities - Windows

Jenkins is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.8CVSS5.5AI score0.07044EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2020/02/04 12:0 a.m.62 views

Jenkins < 2.219, < 2.204.2 LTS Multiple Vulnerabilities - Linux

Jenkins is prone to multiple vulnerabilities. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.8CVSS5.5AI score0.07044EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2020/01/31 8:39 p.m.23 views

CVE-2020-2105

REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks...

5.4CVSS3.1AI score0.0185EPSS
Exploits0References3
NVD
NVD
added 2020/01/29 4:15 p.m.21 views

CVE-2020-2105

REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks...

5.4CVSS5.4AI score0.0185EPSS
Exploits0References6
OSV
OSV
added 2020/01/29 4:15 p.m.18 views

CVE-2020-2105

REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks...

5.4CVSS6.6AI score
Exploits0References6
CVE
CVE
added 2020/01/29 3:15 p.m.114 views

CVE-2020-2105

CVE-2020-2105 concerns Jenkins REST APIs being vulnerable to clickjacking due to missing X-Frame-Options header in versions up to 2.218 (and LTS up to 2.204.1). The root cause is that REST API responses were not served with deny framing, enabling an attacker to embed endpoints in an iframe and tr...

5.4CVSS5.6AI score0.0185EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder