Vulnerabilities (CVE)

Filtered by vendor Jenkins Subscribe
Filtered by product Mac
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-2148 1 Jenkins 1 Mac 2024-11-21 4.0 MEDIUM 4.3 MEDIUM
A missing permission check in Jenkins Mac Plugin 1.1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials.
CVE-2020-2147 1 Jenkins 1 Mac 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
A cross-site request forgery vulnerability in Jenkins Mac Plugin 1.1.0 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials.
CVE-2020-2146 1 Jenkins 1 Mac 2024-11-21 5.8 MEDIUM 7.4 HIGH
Jenkins Mac Plugin 1.1.0 and earlier does not validate SSH host keys when connecting agents created by the plugin, enabling man-in-the-middle attacks.