vulnerability

FreeBSD: VID-a250539d-d1d4-4591-afd3-c8bdfac335d8 (CVE-2020-2107): jenkins -- multiple vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:S/C:P/I:N/A:N)	Jan 29, 2020	Jan 30, 2020	Dec 10, 2025

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:N/A:N)

Published

Jan 29, 2020

Added

Jan 30, 2020

Modified

Dec 10, 2025

Description

Jenkins Security Advisory: Description (High) SECURITY-1682 / CVE-2020-2099 Inbound TCP Agent Protocol/3 authentication bypass (Medium) SECURITY-1641 / CVE-2020-2100 Jenkins vulnerable to UDP amplification reflection attack (Medium) SECURITY-1659 / CVE-2020-2101 Non-constant time comparison of inbound TCP agent connection secret (Medium) SECURITY-1660 / CVE-2020-2102 Non-constant time HMAC comparison (Medium) SECURITY-1695 / CVE-2020-2103 Diagnostic page exposed session cookies (Medium) SECURITY-1650 / CVE-2020-2104 Memory usage graphs accessible to anyone with Overall/Read (Low) SECURITY-1704 / CVE-2020-2105 Jenkins REST APIs vulnerable to clickjacking (Medium) SECURITY-1680 / CVE-2020-2106 Stored XSS vulnerability in Code Coverage API Plugin (Medium) SECURITY-1565 / CVE-2020-2107 Fortify Plugin stored credentials in plain text (High) SECURITY-1719 / CVE-2020-2108 XXE vulnerability in WebSphere Deployer Plugin

Solutions

freebsd-upgrade-package-jenkinsfreebsd-upgrade-package-jenkins-lts

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today