CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

Jenkins Security Advisory 2020-03-09

unknownCVE-2020-2134CVE-2020-2135CVE-2020-2136CVE-2020-2137CVE-2020-2138CVE-2020-2139
Affects plugin: Audit Trail Affects plugin: Backlog Affects plugin: Cobertura Affects plugin: CryptoMove Affects plugin: DeployHub Affects plugin: Git Affects plugin: Literate Affects plugin: Logstash Affects plugin: Mac Affects plugin: OpenShift Deployer Affects plugin: P4 Affects plugin: Quality Gates Affects plugin: Repository Connector Affects plugin: Rundeck Affects plugin: Script Security Affects plugin: Skytap Cloud CI Affects plugin: Sonar Quality Gates Affects plugin: Subversion Release Manager Affects plugin: Timestamper Affects plugin: Zephyr Enterprise Test Management Affects plugin: Zephyr for JIRA Test Management

Details

Source
Jenkins Security Advisories (INTL · vendor-psirt · site)
Severity
unknown
Published
2020-03-09
Exploitation
Not in CISA KEV at last sync

Original advisory: https://www.jenkins.io/security/advisory/2020-03-09/

Exploitation outlook

EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.

Referenced CVEs

CVECSIRTS overviewExternal
CVE-2020-2134coverage & exploitation statusNVD · CVE.org
CVE-2020-2135coverage & exploitation statusNVD · CVE.org
CVE-2020-2136coverage & exploitation statusNVD · CVE.org
CVE-2020-2137coverage & exploitation statusNVD · CVE.org
CVE-2020-2138coverage & exploitation statusNVD · CVE.org
CVE-2020-2139coverage & exploitation statusNVD · CVE.org
CVE-2020-2140coverage & exploitation statusNVD · CVE.org
CVE-2020-2141coverage & exploitation statusNVD · CVE.org
CVE-2020-2142coverage & exploitation statusNVD · CVE.org
CVE-2020-2143coverage & exploitation statusNVD · CVE.org
CVE-2020-2144coverage & exploitation statusNVD · CVE.org
CVE-2020-2145coverage & exploitation statusNVD · CVE.org
CVE-2020-2146coverage & exploitation statusNVD · CVE.org
CVE-2020-2147coverage & exploitation statusNVD · CVE.org
CVE-2020-2148coverage & exploitation statusNVD · CVE.org
CVE-2020-2149coverage & exploitation statusNVD · CVE.org
CVE-2020-2150coverage & exploitation statusNVD · CVE.org
CVE-2020-2151coverage & exploitation statusNVD · CVE.org
CVE-2020-2152coverage & exploitation statusNVD · CVE.org
CVE-2020-2153coverage & exploitation statusNVD · CVE.org
CVE-2020-2154coverage & exploitation statusNVD · CVE.org
CVE-2020-2155coverage & exploitation statusNVD · CVE.org
CVE-2020-2156coverage & exploitation statusNVD · CVE.org
CVE-2020-2157coverage & exploitation statusNVD · CVE.org
CVE-2020-2158coverage & exploitation statusNVD · CVE.org
CVE-2020-2159coverage & exploitation statusNVD · CVE.org

More from Jenkins Security Advisories