Mac

mac

Vendor: Jenkins • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2020-2148 1Jenkins 1Mac Nov 21, 2024 Mar 9, 2020 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 A missing permission check in Jenkins Mac Plugin 1.1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials.
CVE-2020-2147 1Jenkins 1Mac Nov 21, 2024 Mar 9, 2020 N/A· v4 4.3 MEDIUM· v3 4.3 MEDIUM· v2 A cross-site request forgery vulnerability in Jenkins Mac Plugin 1.1.0 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials.
CVE-2020-2146 1Jenkins 1Mac Nov 21, 2024 Mar 9, 2020 N/A· v4 7.4 HIGH· v3 5.8 MEDIUM· v2 Jenkins Mac Plugin 1.1.0 and earlier does not validate SSH host keys when connecting agents created by the plugin, enabling man-in-the-middle attacks.