Known Vulnerabilities
CVE-2020-2197
Jenkins Project Inheritance Plugin 19.08.02 and earlier does not require users to have Job/ExtendedRead permission to access Inheritance Project job configurations in XML format.
UNKNOWN
Published Jun 03, 2020
CVE-2020-2198
Jenkins Project Inheritance Plugin 19.08.02 and earlier does not redact encrypted secrets in the 'getConfigAsXML' API URL when transmitting job config.xml data to users without Job/Configure.
UNKNOWN
Published Jun 03, 2020