CVE-2020-2179

Jenkins Yaml Axis Plugin 0.2.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.

Published Feb 3, 2026

https://jenkins.io/security/advisory/2020-04-16/#SECURITY-1825

CVSS ScoreHigh

8.8

Ecosystem	Package	Version

Ecosystem	Package	Version

Vulnerabilities

CVE-2020-2179

Jenkins Yaml Axis Plugin 0.2.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.

Published Feb 3, 2026

https://jenkins.io/security/advisory/2020-04-16/#SECURITY-1825

CVSS ScoreHigh

8.8


maven	org.jenkins-ci.plugins/yaml-axis	0.1.0
maven	org.jenkins-ci.plugins/yaml-axis	0.1.1
maven	org.jenkins-ci.plugins/yaml-axis	0.1.2
maven	org.jenkins-ci.plugins/yaml-axis	0.2.0

Ecosystem	Package	Version


maven	org.jenkins-ci.plugins/yaml-axis	0.1.0
maven	org.jenkins-ci.plugins/yaml-axis	0.1.1
maven	org.jenkins-ci.plugins/yaml-axis	0.1.2
maven	org.jenkins-ci.plugins/yaml-axis	0.2.0

Find vulnerabilities. Fix fast with AI.

CVE-2020-2179

CVE-2020-2179