cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score CVE-2020-2118,https://securityvulnerability.io/vulnerability/CVE-2020-2118,,A missing permission check in Jenkins Pipeline GitHub Notify Step Plugin 1.0.4 and earlier in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins.,Jenkins,Jenkins Pipeline Github Notify Step Plugin,4.3,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2020-02-12T14:35:44.000Z,0 CVE-2020-2116,https://securityvulnerability.io/vulnerability/CVE-2020-2116,,"A cross-site request forgery vulnerability in Jenkins Pipeline GitHub Notify Step Plugin 1.0.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.",Jenkins,Jenkins Pipeline Github Notify Step Plugin,8.8,HIGH,0.0008800000068731606,false,false,false,false,,false,false,2020-02-12T14:35:43.000Z,0 CVE-2020-2117,https://securityvulnerability.io/vulnerability/CVE-2020-2117,,"A missing permission check in Jenkins Pipeline GitHub Notify Step Plugin 1.0.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.",Jenkins,Jenkins Pipeline Github Notify Step Plugin,4.3,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2020-02-12T14:35:43.000Z,0