CVE-2020-2307

State: PUBLISHED · Published: 2020-11-04 · Updated: 2024-08-04 · Assigner: jenkins

Description

Jenkins Kubernetes Plugin 1.27.3 and earlier allows low-privilege users to access possibly sensitive Jenkins controller environment variables.

CWE

Affected

Jenkins project / Jenkins Kubernetes Plugin — v=unspecified ≤1.27.3 [affected]; v=1.26.5 [unaffected]; v=1.25.4.1 [unaffected]; v=1.21.6 [unaffected]

CVSS

References

Source

cvelistV5-main/cves/2020/2xxx/CVE-2020-2307.json