Lucene search
K

5 matches found

vulnersOsv
vulnersOsv
added 2022/05/24 5:28 p.m.6 views

br.com.ingenieux.jenkins.plugins:codecommit-url-helper (=0.0.1), cf.pgmann.plugins:url-auth-sso (=1.0) +128 more potentially affected by CVE-2020-2252 via org.jenkins-ci.plugins:mailer (>=1.10 <=1.23)

org.jenkins-ci.plugins:mailer MAVEN version =1.10, =1.9.2-beta, =1.14.0, =4.1.1, =2.30.2, =1.0.22, =1.3.0, =0.11.0, =1.0, =1.0.0, =1.0.1 and more Source cves: CVE-2020-2252 Source advisory: OSV:GHSA-6FR3-286Q-Q3CR...

5.8CVSS5.8AI score0.00963EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2020/11/17 4:40 a.m.73 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 3.11.318 jenkins-2-plugins security update

An update for jenkins-2-plugins is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

6.5CVSS6.1AI score0.02126EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/10/27 2:53 p.m.96 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.6.1 package security update

An update for jenkins-2-plugins, openshift-clients, podman, runc, and skopeo is now available for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a...

9.9CVSS6.7AI score0.0473EPSS
Exploits0References9
NVD
NVD
added 2020/09/16 2:15 p.m.34 views

CVE-2020-2252

Jenkins Mailer Plugin 1.32 and earlier does not perform hostname validation when connecting to the configured SMTP server...

5.8CVSS0.00963EPSS
Exploits0References2
CVE
CVE
added 2020/09/16 1:20 p.m.130 views

CVE-2020-2252

CVE-2020-2252 affects Jenkins Mailer Plugin prior to 1.32. The issue is that the plugin did not perform hostname validation when connecting to the configured SMTP server, enabling potential man-in-the-middle tampering of TLS connections. Exploitation details are not provided in the supplied docum...

5.8CVSS4.8AI score0.00963EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder