{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-12T18:52:02.835","vulnerabilities":[{"cve":{"id":"CVE-2020-2214","sourceIdentifier":"jenkinsci-cert@googlegroups.com","published":"2020-07-02T15:15:18.303","lastModified":"2024-11-21T05:24:58.767","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Jenkins ZAP Pipeline Plugin 1.9 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc. that Jenkins offers for download."},{"lang":"es","value":"Jenkins ZAP Pipeline Plugin versiones 1.9 y anteriores, deshabilitan de forma programada una protección de la Política de Seguridad de Contenido para el contenido generado por el usuario en espacios de trabajo, artefactos archivados, etc. que Jenkins ofrece para descargar"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:jenkins:zap_pipeline:*:*:*:*:*:jenkins:*:*","versionEndIncluding":"1.9","matchCriteriaId":"7847B1A3-80CC-433E-9A2F-200CF1BBD947"}]}]}],"references":[{"url":"http://www.openwall.com/lists/oss-security/2020/07/02/7","source":"jenkinsci-cert@googlegroups.com","tags":["Third Party Advisory"]},{"url":"https://jenkins.io/security/advisory/2020-07-02/#SECURITY-1811","source":"jenkinsci-cert@googlegroups.com","tags":["Vendor Advisory"]},{"url":"http://www.openwall.com/lists/oss-security/2020/07/02/7","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://jenkins.io/security/advisory/2020-07-02/#SECURITY-1811","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}