VYPR

Sounds Plugin

by Jenkins Project

Source repositories

CVEs (2)

  • CVE-2020-2097Jan 15, 2020
    risk 0.00cvss epss 0.01

    Jenkins Sounds Plugin 0.5 and earlier does not perform permission checks in URLs performing form validation, allowing attackers with Overall/Read access to execute arbitrary OS commands as the OS user account running Jenkins.

  • CVE-2020-2098Jan 15, 2020
    risk 0.00cvss epss 0.01

    A cross-site request forgery vulnerability in Jenkins Sounds Plugin 0.5 and earlier allows attacker to execute arbitrary OS commands as the OS user account running Jenkins.