CVE-2020-2177

Jenkins Copr Plugin 0.3 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.

Published Feb 3, 2026

https://jenkins.io/security/advisory/2020-04-16/#SECURITY-1556

CVSS ScoreMedium

4.3

Ecosystem	Package	Version

Ecosystem	Package	Version

Vulnerabilities

CVE-2020-2177

Jenkins Copr Plugin 0.3 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.

Published Feb 3, 2026

https://jenkins.io/security/advisory/2020-04-16/#SECURITY-1556

CVSS ScoreMedium

4.3


maven	org.fedoraproject.jenkins.plugins/copr	0.1
maven	org.fedoraproject.jenkins.plugins/copr	0.2
maven	org.fedoraproject.jenkins.plugins/copr	0.3

Ecosystem	Package	Version


maven	org.fedoraproject.jenkins.plugins/copr	0.1
maven	org.fedoraproject.jenkins.plugins/copr	0.2
maven	org.fedoraproject.jenkins.plugins/copr	0.3

Find vulnerabilities. Fix fast with AI.

CVE-2020-2177

CVE-2020-2177