Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
CVE-2020-2272
CVE-2020-2272
A missing permission check in Jenkins ElasTest Plugin 1.2.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials.
Published Feb 4, 2026
https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1903
http://www.openwall.com/lists/oss-security/2020/09/16/3
https://github.com/advisories/GHSA-mr43-vf8q-q5f2
CVSS Score
Medium
4.3
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
maven
org.jenkins-ci.plugins/elastest
0.10.0-beta1
maven
org.jenkins-ci.plugins/elastest
0.10.0-beta2
maven
org.jenkins-ci.plugins/elastest
0.10
maven
org.jenkins-ci.plugins/elastest
0.9.1-beta-1
maven
org.jenkins-ci.plugins/elastest
0.9.1-beta-2
maven
org.jenkins-ci.plugins/elastest
0.9.1-beta-4
maven
org.jenkins-ci.plugins/elastest
0.9.1
maven
org.jenkins-ci.plugins/elastest
1.0-beta1
maven
org.jenkins-ci.plugins/elastest
1.0-beta2
maven
org.jenkins-ci.plugins/elastest
1.0-beta4
maven
org.jenkins-ci.plugins/elastest
1.0-beta5
maven
org.jenkins-ci.plugins/elastest
1.0.0-beta1
maven
org.jenkins-ci.plugins/elastest
1.0.0-beta6
maven
org.jenkins-ci.plugins/elastest
1.0.0-beta7
maven
org.jenkins-ci.plugins/elastest
1.0.0-beta8
maven
org.jenkins-ci.plugins/elastest
1.0.0-beta9
maven
org.jenkins-ci.plugins/elastest
1.0.0
maven
org.jenkins-ci.plugins/elastest
1.0.1
maven
org.jenkins-ci.plugins/elastest
1.1.0
maven
org.jenkins-ci.plugins/elastest
1.2.1
1-20 of 20
CVE-2020-2272 | Components Impacted | Sonatype Guide | Sonatype Guide
