cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2020-2187,https://securityvulnerability.io/vulnerability/CVE-2020-2187,,"Jenkins Amazon EC2 Plugin 1.50.1 and earlier unconditionally accepts self-signed certificates and does not perform hostname validation, enabling man-in-the-middle attacks.",Jenkins,Jenkins Amazon Ec2 Plugin,5.6,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2020-05-06T12:45:25.000Z,0
CVE-2020-2188,https://securityvulnerability.io/vulnerability/CVE-2020-2188,,A missing permission check in Jenkins Amazon EC2 Plugin 1.50.1 and earlier in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins.,Jenkins,Jenkins Amazon Ec2 Plugin,4.3,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2020-05-06T12:45:25.000Z,0
CVE-2020-2185,https://securityvulnerability.io/vulnerability/CVE-2020-2185,,"Jenkins Amazon EC2 Plugin 1.50.1 and earlier does not validate SSH host keys when connecting agents, enabling man-in-the-middle attacks.",Jenkins,Jenkins Amazon Ec2 Plugin,5.6,MEDIUM,0.0006500000017695129,false,,false,false,false,,,false,false,,2020-05-06T12:45:24.000Z,0
CVE-2020-2186,https://securityvulnerability.io/vulnerability/CVE-2020-2186,,A cross-site request forgery vulnerability in Jenkins Amazon EC2 Plugin 1.50.1 and earlier allows attackers to provision instances.,Jenkins,Jenkins Amazon Ec2 Plugin,4.3,MEDIUM,0.0005600000149570405,false,,false,false,false,,,false,false,,2020-05-06T12:45:24.000Z,0
CVE-2020-2090,https://securityvulnerability.io/vulnerability/CVE-2020-2090,,A cross-site request forgery vulnerability in Jenkins Amazon EC2 Plugin 1.47 and earlier allows attackers to connect to an attacker-specified URL within the AWS region using attacker-specified credentials IDs obtained through another method.,Jenkins,Jenkins Amazon Ec2 Plugin,8.8,HIGH,0.0007300000288523734,false,,false,false,false,,,false,false,,2020-01-15T15:15:23.000Z,0
CVE-2020-2091,https://securityvulnerability.io/vulnerability/CVE-2020-2091,,A missing permission check in Jenkins Amazon EC2 Plugin 1.47 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL within the AWS region using attacker-specified credentials IDs obtained through another method.,Jenkins,Jenkins Amazon Ec2 Plugin,8.1,HIGH,0.0006500000017695129,false,,false,false,false,,,false,false,,2020-01-15T00:00:00.000Z,0
CVE-2019-10364,https://securityvulnerability.io/vulnerability/CVE-2019-10364,,Jenkins Amazon EC2 Plugin 1.43 and earlier wrote the beginning of private keys to the Jenkins system log.,Jenkins,Jenkins Amazon Ec2 Plugin,5.5,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2019-07-31T12:45:21.000Z,0