Jenkins Google Kubernetes Engine vulnerabilities
2 known vulnerabilities affecting jenkins/google_kubernetes_engine.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2020-2121HIGHCVSS 8.8≤ 0.8.02020-02-12
CVE-2020-2121 [HIGH] CVE-2020-2121: Jenkins Google Kubernetes Engine Plugin 0.8.0 and earlier does not configure its YAML parser to prev
Jenkins Google Kubernetes Engine Plugin 0.8.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.
nvd
CVE-2019-10445MEDIUMCVSS 4.3≤ 0.7.02019-10-16
CVE-2019-10445 [MEDIUM] CWE-862 CVE-2019-10445: A missing permission check in Jenkins Google Kubernetes Engine Plugin 0.7.0 and earlier allowed atta
A missing permission check in Jenkins Google Kubernetes Engine Plugin 0.7.0 and earlier allowed attackers with Overall/Read permission to obtain limited information about the scope of a credential with an attacker-specified credentials ID.
nvd