Skip to main content

Google Kubernetes Engine

2 CVEs product

Monthly

CVE-2020-2121 Maven HIGH PATCH This Week

Jenkins Google Kubernetes Engine Plugin 0.8.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Kubernetes RCE Jenkins Google Kubernetes Engine
NVD
CVSS 3.1
8.8
EPSS
2.7%
CVE-2019-10445 Maven MEDIUM PATCH This Month

A missing permission check in Jenkins Google Kubernetes Engine Plugin 0.7.0 and earlier allowed attackers with Overall/Read permission to obtain limited information about the scope of a credential. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Kubernetes Google Google Kubernetes Engine
NVD
CVSS 3.1
4.3
EPSS
0.7%
EPSS 3% CVSS 8.8
HIGH PATCH This Week

Jenkins Google Kubernetes Engine Plugin 0.8.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Google Kubernetes RCE +2
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

A missing permission check in Jenkins Google Kubernetes Engine Plugin 0.7.0 and earlier allowed attackers with Overall/Read permission to obtain limited information about the scope of a credential. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Jenkins Kubernetes +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy