CVE-2020-2320
- Source
- https://cve.org/CVERecord?id=CVE-2020-2320
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-2320.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2020-2320
- Aliases
- Published
- 2020-12-03T16:15:12.573Z
- Modified
- 2026-03-14T10:20:51.000247Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Jenkins Plugin Installation Manager Tool 2.1.3 and earlier does not verify plugin downloads.
- References
Affected packages
Git / github.com/jenkinsci/plugin-installation-manager-tool
Affected versions
0.*
0.1-alpha-10
0.1-alpha-4
0.1-alpha-5
0.1-alpha-9
2.*
2.1.0
2.1.1
2.1.2
2.1.3
Other
e7a0066
untagged-0930203b2fde6afcfe4e
jenkins-plugin-management-parent-pom-0.*
jenkins-plugin-management-parent-pom-0.1-alpha-3
jenkins-plugin-management-parent-pom-0.1-alpha-4
jenkins-plugin-management-parent-pom-0.1-alpha-5
jenkins-plugin-management-parent-pom-0.1-alpha-6
jenkins-plugin-management-parent-pom-0.1-alpha-7
parent-pom-.*
parent-pom-.01-alpha-2
parent-pom-0.*
parent-pom-0.1-alpha-1
plugin-management-parent-pom-0.*
plugin-management-parent-pom-0.1-alpha-10
plugin-management-parent-pom-0.1-alpha-11
plugin-management-parent-pom-0.1-alpha-12
plugin-management-parent-pom-0.1-alpha-14
plugin-management-parent-pom-0.1-alpha-15
plugin-management-parent-pom-0.1-alpha-9
plugin-management-parent-pom-1.*
plugin-management-parent-pom-1.0.1
plugin-management-parent-pom-1.0.2
plugin-management-parent-pom-1.1.0
plugin-management-parent-pom-1.1.2
plugin-management-parent-pom-1.2.0
plugin-management-parent-pom-2.*
plugin-management-parent-pom-2.0.0
plugin-management-parent-pom-2.0.0-beta-1
plugin-management-parent-pom-2.0.1