Amazon Ec2 Jenkins Amazon Ec2

Do you want an email whenever new security vulnerabilities are reported in Jenkins Amazon Ec2?

By the Year

In 2024 there have been 0 vulnerabilities in Jenkins Amazon Ec2 . Amazon Ec2 did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 0 0.00
2022 0 0.00
2021 0 0.00
2020 6 6.12
2019 0 0.00
2018 0 0.00

It may take a day or so for new Amazon Ec2 vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Jenkins Amazon Ec2 Security Vulnerabilities

Jenkins Amazon EC2 Plugin 1.50.1 and earlier does not validate SSH host keys when connecting agents

CVE-2020-2185 5.6 - Medium - May 06, 2020

Jenkins Amazon EC2 Plugin 1.50.1 and earlier does not validate SSH host keys when connecting agents, enabling man-in-the-middle attacks.

A cross-site request forgery vulnerability in Jenkins Amazon EC2 Plugin 1.50.1 and earlier

CVE-2020-2186 4.3 - Medium - May 06, 2020

A cross-site request forgery vulnerability in Jenkins Amazon EC2 Plugin 1.50.1 and earlier allows attackers to provision instances.

Session Riding

Jenkins Amazon EC2 Plugin 1.50.1 and earlier unconditionally accepts self-signed certificates and does not perform hostname validation

CVE-2020-2187 5.6 - Medium - May 06, 2020

Jenkins Amazon EC2 Plugin 1.50.1 and earlier unconditionally accepts self-signed certificates and does not perform hostname validation, enabling man-in-the-middle attacks.

Improper Certificate Validation

A missing permission check in Jenkins Amazon EC2 Plugin 1.50.1 and earlier in form-related methods

CVE-2020-2188 4.3 - Medium - May 06, 2020

A missing permission check in Jenkins Amazon EC2 Plugin 1.50.1 and earlier in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins.

AuthZ

A cross-site request forgery vulnerability in Jenkins Amazon EC2 Plugin 1.47 and earlier

CVE-2020-2090 8.8 - High - January 15, 2020

A cross-site request forgery vulnerability in Jenkins Amazon EC2 Plugin 1.47 and earlier allows attackers to connect to an attacker-specified URL within the AWS region using attacker-specified credentials IDs obtained through another method.

Session Riding

A missing permission check in Jenkins Amazon EC2 Plugin 1.47 and earlier

CVE-2020-2091 8.1 - High - January 15, 2020

A missing permission check in Jenkins Amazon EC2 Plugin 1.47 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL within the AWS region using attacker-specified credentials IDs obtained through another method.

AuthZ

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Jenkins Amazon Ec2 or by Jenkins? Click the Watch button to subscribe.

Jenkins
Vendor

subscribe