Jenkins Project Jenkins Google Kubernetes Engine Plugin vulnerabilities
3 known vulnerabilities affecting jenkins_project/jenkins_google_kubernetes_engine_plugin.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2020-2121HIGHCVSS 8.8≥ unspecified, ≤ 0.8.02020-02-12
CVE-2020-2121 [HIGH] CVE-2020-2121: Jenkins Google Kubernetes Engine Plugin 0.8.0 and earlier does not configure its YAML parser to prev
Jenkins Google Kubernetes Engine Plugin 0.8.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.
cvelistv5nvd
CVE-2019-10445MEDIUMCVSS 4.3v0.7.0 and earlier2019-10-16
CVE-2019-10445 [MEDIUM] CWE-862 CVE-2019-10445: A missing permission check in Jenkins Google Kubernetes Engine Plugin 0.7.0 and earlier allowed atta
A missing permission check in Jenkins Google Kubernetes Engine Plugin 0.7.0 and earlier allowed attackers with Overall/Read permission to obtain limited information about the scope of a credential with an attacker-specified credentials ID.
cvelistv5nvd
CVE-2019-10365MEDIUMCVSS 4.3v0.6.2 and earlier2019-07-31
CVE-2019-10365 [MEDIUM] CWE-668 CVE-2019-10365: Jenkins Google Kubernetes Engine Plugin 0.6.2 and earlier created a temporary file containing a temp
Jenkins Google Kubernetes Engine Plugin 0.6.2 and earlier created a temporary file containing a temporary access token in the project workspace, where it could be accessed by users with Job/Read permission.
cvelistv5nvd