Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Jenkins Subscribe
Filtered by product Sounds
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-2097 1 Jenkins 1 Sounds 2020-01-23 6.5 MEDIUM 8.8 HIGH
Jenkins Sounds Plugin 0.5 and earlier does not perform permission checks in URLs performing form validation, allowing attackers with Overall/Read access to execute arbitrary OS commands as the OS user account running Jenkins.
CVE-2020-2098 1 Jenkins 1 Sounds 2020-01-22 9.3 HIGH 8.8 HIGH
A cross-site request forgery vulnerability in Jenkins Sounds Plugin 0.5 and earlier allows attacker to execute arbitrary OS commands as the OS user account running Jenkins.