Maven package
fr.edf.jenkins.plugins/mac
pkg:maven/fr.edf.jenkins.plugins/mac
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-2148 | — | < 1.2.0 | 1.2.0 | Mar 9, 2020 | A missing permission check in Jenkins Mac Plugin 1.1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials. | ||
| CVE-2020-2147 | — | < 1.2.0 | 1.2.0 | Mar 9, 2020 | A cross-site request forgery vulnerability in Jenkins Mac Plugin 1.1.0 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials. | ||
| CVE-2020-2146 | — | < 1.2.0 | 1.2.0 | Mar 9, 2020 | Jenkins Mac Plugin 1.1.0 and earlier does not validate SSH host keys when connecting agents created by the plugin, enabling man-in-the-middle attacks. |
- CVE-2020-2148Mar 9, 2020affected < 1.2.0fixed 1.2.0
A missing permission check in Jenkins Mac Plugin 1.1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials.
- CVE-2020-2147Mar 9, 2020affected < 1.2.0fixed 1.2.0
A cross-site request forgery vulnerability in Jenkins Mac Plugin 1.1.0 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials.
- CVE-2020-2146Mar 9, 2020affected < 1.2.0fixed 1.2.0
Jenkins Mac Plugin 1.1.0 and earlier does not validate SSH host keys when connecting agents created by the plugin, enabling man-in-the-middle attacks.