CVE-2020-2160

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2020-2160
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-2160.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2020-2160
Aliases
Downstream
Published
2020-03-25T17:15:14.907Z
Modified
2026-03-13T22:39:30.873854Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Jenkins 2.227 and earlier, LTS 2.204.5 and earlier uses different representations of request URL paths, which allows attackers to craft URLs that allow bypassing CSRF protection of any target URL.

References

Affected packages

Git / github.com/jenkinsci/jenkins

Affected ranges

Type
GIT
Repo
https://github.com/jenkinsci/jenkins
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
1828ba39ac49e57e4985cfc86e3e91bde7634e52
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
454b01fe728161c1edd1d1bf245912afd3697dd0
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.204.5"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.227"
        }
    ]
}

Affected versions

1.*
1.324-rc
1.325-rc
1.327-rc
1.328-rc
1.502-rc1
1.580.1-rc1
Other
builds/10
builds/100
builds/101
builds/102
builds/103
builds/104
builds/105
builds/106
builds/107
builds/108
builds/109
builds/11
builds/110
builds/111
builds/112
builds/113
builds/114
builds/115
builds/116
builds/117
builds/118
builds/119
builds/12
builds/120
builds/121
builds/122
builds/123
builds/124
builds/125
builds/126
builds/127
builds/128
builds/13
builds/130
builds/131
builds/132
builds/133
builds/134
builds/135
builds/136
builds/137
builds/138
builds/139
builds/14
builds/140
builds/141
builds/142
builds/143
builds/144
builds/145
builds/146
builds/147
builds/148
builds/149
builds/15
builds/150
builds/151
builds/152
builds/153
builds/154
builds/155
builds/156
builds/157
builds/158
builds/16
builds/160
builds/161
builds/162
builds/163
builds/164
builds/165
builds/166
builds/167
builds/168
builds/169
builds/17
builds/170
builds/171
builds/172
builds/173
builds/174
builds/176
builds/177
builds/178
builds/179
builds/18
builds/180
builds/181
builds/182
builds/183
builds/184
builds/185
builds/186
builds/187
builds/188
builds/189
builds/19
builds/190
builds/191
builds/192
builds/193
builds/194
builds/195
builds/196
builds/197
builds/198
builds/199
builds/2
builds/200
builds/201
builds/202
builds/203
builds/204
builds/205
builds/206
builds/207
builds/209
builds/21
builds/210
builds/211
builds/212
builds/213
builds/214
builds/215
builds/216
builds/217
builds/218
builds/219
builds/22
builds/220
builds/221
builds/222
builds/223
builds/224
builds/225
builds/226
builds/227
builds/228
builds/229
builds/23
builds/230
builds/231
builds/232
builds/233
builds/234
builds/235
builds/236
builds/237
builds/238
builds/239
builds/24
builds/240
builds/241
builds/242
builds/243
builds/244
builds/245
builds/246
builds/247
builds/248
builds/249
builds/250
builds/251
builds/254
builds/255
builds/256
builds/257
builds/258
builds/259
builds/26
builds/260
builds/262
builds/263
builds/264
builds/265
builds/266
builds/267
builds/268
builds/269
builds/27
builds/270
builds/271
builds/272
builds/273
builds/274
builds/275
builds/276
builds/277
builds/278
builds/279
builds/28
builds/280
builds/281
builds/282
builds/283
builds/284
builds/285
builds/286
builds/287
builds/288
builds/29
builds/290
builds/291
builds/292
builds/293
builds/294
builds/295
builds/296
builds/297
builds/298
builds/299
builds/3
builds/30
builds/300
builds/301
builds/302
builds/303
builds/304
builds/305
builds/306
builds/307
builds/308
builds/309
builds/31
builds/310
builds/311
builds/312
builds/313
builds/314
builds/316
builds/317
builds/318
builds/319
builds/32
builds/320
builds/321
builds/322
builds/323
builds/324
builds/325
builds/326
builds/327
builds/328
builds/329
builds/33
builds/330
builds/331
builds/332
builds/333
builds/334
builds/335
builds/336
builds/338
builds/339
builds/34
builds/340
builds/341
builds/342
builds/343
builds/344
builds/345
builds/346
builds/348
builds/35
builds/350
builds/352
builds/353
builds/354
builds/355
builds/356
builds/357
builds/358
builds/359
builds/36
builds/361
builds/362
builds/363
builds/364
builds/365
builds/368
builds/369
builds/37
builds/370
builds/371
builds/372
builds/373
builds/374
builds/375
builds/39
builds/4
builds/40
builds/41
builds/42
builds/43
builds/44
builds/46
builds/47
builds/48
builds/49
builds/5
builds/50
builds/51
builds/52
builds/53
builds/54
builds/55
builds/56
builds/57
builds/58
builds/59
builds/6
builds/60
builds/62
builds/63
builds/64
builds/65
builds/66
builds/67
builds/68
builds/69
builds/7
builds/70
builds/71
builds/72
builds/73
builds/74
builds/75
builds/77
builds/81
builds/82
builds/83
builds/85
builds/86
builds/88
builds/89
builds/9
builds/90
builds/92
builds/93
builds/94
builds/95
builds/96
builds/97
builds/98
builds/99
changes/10
changes/100
changes/101
changes/102
changes/103
changes/104
changes/105
changes/106
changes/107
changes/108
changes/109
changes/11
changes/110
changes/111
changes/112
changes/113
changes/114
changes/115
changes/116
changes/117
changes/118
changes/119
changes/12
changes/120
changes/121
changes/122
changes/123
changes/124
changes/125
changes/126
changes/127
changes/128
changes/13
changes/130
changes/131
changes/132
changes/133
changes/134
changes/135
changes/136
changes/137
changes/138
changes/139
changes/14
changes/140
changes/141
changes/142
changes/143
changes/144
changes/145
changes/146
changes/147
changes/148
changes/149
changes/15
changes/150
changes/151
changes/152
changes/153
changes/154
changes/155
changes/156
changes/157
changes/158
changes/16
changes/160
changes/161
changes/162
changes/163
changes/164
changes/165
changes/166
changes/167
changes/168
changes/169
changes/17
changes/170
changes/171
changes/172
changes/173
changes/174
changes/176
changes/177
changes/178
changes/179
changes/18
changes/180
changes/181
changes/182
changes/183
changes/184
changes/185
changes/186
changes/187
changes/188
changes/189
changes/19
changes/190
changes/191
changes/192
changes/193
changes/194
changes/195
changes/196
changes/197
changes/198
changes/199
changes/2
changes/20
changes/200
changes/201
changes/202
changes/203
changes/204
changes/205
changes/206
changes/207
changes/209
changes/21
changes/210
changes/211
changes/212
changes/213
changes/214
changes/215
changes/216
changes/217
changes/218
changes/219
changes/22
changes/220
changes/221
changes/222
changes/223
changes/224
changes/225
changes/226
changes/227
changes/228
changes/229
changes/23
changes/230
changes/231
changes/232
changes/233
changes/234
changes/235
changes/236
changes/237
changes/238
changes/239
changes/24
changes/240
changes/241
changes/242
changes/243
changes/244
changes/245
changes/246
changes/247
changes/248
changes/249
changes/25
changes/250
changes/251
changes/254
changes/255
changes/256
changes/257
changes/258
changes/259
changes/26
changes/260
changes/262
changes/263
changes/264
changes/265
changes/266
changes/267
changes/268
changes/269
changes/27
changes/270
changes/271
changes/272
changes/273
changes/274
changes/275
changes/276
changes/277
changes/278
changes/279
changes/28
changes/280
changes/281
changes/282
changes/283
changes/284
changes/285
changes/286
changes/287
changes/288
changes/29
changes/290
changes/291
changes/292
changes/293
changes/294
changes/295
changes/296
changes/297
changes/298
changes/299
changes/3
changes/30
changes/300
changes/301
changes/302
changes/303
changes/304
changes/305
changes/306
changes/307
changes/308
changes/309
changes/31
changes/310
changes/311
changes/312
changes/313
changes/314
changes/316
changes/317
changes/318
changes/319
changes/32
changes/320
changes/321
changes/322
changes/323
changes/324
changes/325
changes/326
changes/327
changes/328
changes/329
changes/33
changes/330
changes/331
changes/332
changes/333
changes/334
changes/335
changes/336
changes/338
changes/339
changes/34
changes/340
changes/341
changes/342
changes/343
changes/344
changes/345
changes/346
changes/348
changes/35
changes/350
changes/352
changes/353
changes/354
changes/355
changes/356
changes/357
changes/358
changes/359
changes/36
changes/361
changes/362
changes/363
changes/364
changes/365
changes/368
changes/369
changes/37
changes/370
changes/371
changes/372
changes/373
changes/374
changes/375
changes/39
changes/4
changes/40
changes/41
changes/42
changes/43
changes/44
changes/46
changes/47
changes/48
changes/49
changes/5
changes/50
changes/51
changes/52
changes/53
changes/54
changes/55
changes/56
changes/57
changes/58
changes/59
changes/6
changes/60
changes/61
changes/62
changes/63
changes/64
changes/65
changes/66
changes/67
changes/68
changes/69
changes/7
changes/70
changes/71
changes/72
changes/73
changes/74
changes/75
changes/76
changes/77
changes/79
changes/8
changes/81
changes/82
changes/83
changes/85
changes/86
changes/88
changes/89
changes/9
changes/90
changes/92
changes/93
changes/94
changes/95
changes/96
changes/97
changes/98
changes/99
hudson-1_387
hudson-1_388
hudson-1_389
hudson-1_390
hudson-1_391
hudson-1_392
hudson-1_393
hudson-1_394
hudson-1_395
jenkins-1_396
jenkins-1_397
jenkins-1_398
jenkins-1_399
jenkins-1_400
jenkins-1_401
jenkins-1_402
jenkins-1_403
jenkins-1_404
jenkins-1_405
jenkins-1_406
jenkins-1_407
jenkins-1_408
jenkins-1_409
jenkins-1_410
jenkins-1_411
jenkins-1_412
jenkins-1_413
jenkins-1_414
jenkins-1_415
jenkins-1.*
jenkins-1.416
jenkins-1.417
jenkins-1.418
jenkins-1.419
jenkins-1.420
jenkins-1.421
jenkins-1.422
jenkins-1.423
jenkins-1.424
jenkins-1.425
jenkins-1.426
jenkins-1.427
jenkins-1.428
jenkins-1.429
jenkins-1.430
jenkins-1.431
jenkins-1.432
jenkins-1.433
jenkins-1.434
jenkins-1.435
jenkins-1.436
jenkins-1.437
jenkins-1.438
jenkins-1.439
jenkins-1.440
jenkins-1.441
jenkins-1.442
jenkins-1.443
jenkins-1.444
jenkins-1.445
jenkins-1.446
jenkins-1.447
jenkins-1.448
jenkins-1.449
jenkins-1.450
jenkins-1.451
jenkins-1.452
jenkins-1.453
jenkins-1.454
jenkins-1.455
jenkins-1.456
jenkins-1.457
jenkins-1.458
jenkins-1.459
jenkins-1.460
jenkins-1.461
jenkins-1.462
jenkins-1.463
jenkins-1.464
jenkins-1.465
jenkins-1.466
jenkins-1.467
jenkins-1.468
jenkins-1.469
jenkins-1.470
jenkins-1.471
jenkins-1.472
jenkins-1.473
jenkins-1.474
jenkins-1.475
jenkins-1.477
jenkins-1.478
jenkins-1.479
jenkins-1.480
jenkins-1.481
jenkins-1.482
jenkins-1.483
jenkins-1.484
jenkins-1.485
jenkins-1.486
jenkins-1.487
jenkins-1.488
jenkins-1.489
jenkins-1.490
jenkins-1.491
jenkins-1.492
jenkins-1.493
jenkins-1.494
jenkins-1.495
jenkins-1.496
jenkins-1.497
jenkins-1.498
jenkins-1.499
jenkins-1.500
jenkins-1.501
jenkins-1.502
jenkins-1.503
jenkins-1.504
jenkins-1.505
jenkins-1.506
jenkins-1.507
jenkins-1.508
jenkins-1.509
jenkins-1.510
jenkins-1.511
jenkins-1.512
jenkins-1.513
jenkins-1.514
jenkins-1.515
jenkins-1.516
jenkins-1.517
jenkins-1.518
jenkins-1.519
jenkins-1.520
jenkins-1.521
jenkins-1.522
jenkins-1.523
jenkins-1.524
jenkins-1.525
jenkins-1.526
jenkins-1.527
jenkins-1.528
jenkins-1.529
jenkins-1.530
jenkins-1.531
jenkins-1.532
jenkins-1.533
jenkins-1.534
jenkins-1.535
jenkins-1.536
jenkins-1.537
jenkins-1.538
jenkins-1.539
jenkins-1.540
jenkins-1.541
jenkins-1.542
jenkins-1.543
jenkins-1.544
jenkins-1.545
jenkins-1.546
jenkins-1.547
jenkins-1.548
jenkins-1.549
jenkins-1.550
jenkins-1.551
jenkins-1.552
jenkins-1.553
jenkins-1.554
jenkins-1.555
jenkins-1.556
jenkins-1.557
jenkins-1.558
jenkins-1.559
jenkins-1.560
jenkins-1.561
jenkins-1.562
jenkins-1.563
jenkins-1.564
jenkins-1.565
jenkins-1.566
jenkins-1.567
jenkins-1.568
jenkins-1.569
jenkins-1.570
jenkins-1.571
jenkins-1.572
jenkins-1.573
jenkins-1.574
jenkins-1.575
jenkins-1.576
jenkins-1.577
jenkins-1.578
jenkins-1.579
jenkins-1.580
jenkins-1.580.1
jenkins-1.580.2
jenkins-1.580.3
jenkins-1.580.3-rc1
jenkins-1.581
jenkins-1.582
jenkins-1.583
jenkins-1.584
jenkins-1.585
jenkins-1.586
jenkins-1.587
jenkins-1.588
jenkins-1.589
jenkins-1.590
jenkins-1.591
jenkins-1.592
jenkins-1.593
jenkins-1.594
jenkins-1.595
jenkins-1.596
jenkins-1.596.1
jenkins-1.596.2
jenkins-1.596.2-rc1
jenkins-1.596.3
jenkins-1.597
jenkins-1.598
jenkins-1.599
jenkins-1.600
jenkins-1.601
jenkins-1.602
jenkins-1.604
jenkins-1.605
jenkins-1.606
jenkins-1.607
jenkins-1.608
jenkins-1.609
jenkins-1.609.1
jenkins-1.609.1-rc1
jenkins-1.609.2
jenkins-1.609.2-rc1
jenkins-1.609.3
jenkins-1.610
jenkins-1.611
jenkins-1.612
jenkins-1.613
jenkins-1.614
jenkins-1.615
jenkins-1.616
jenkins-1.617
jenkins-1.618
jenkins-1.619
jenkins-1.620
jenkins-1.621
jenkins-1.622
jenkins-1.623
jenkins-1.624
jenkins-1.625
jenkins-1.625.1
jenkins-1.625.1-rc1
jenkins-1.625.1-rc2
jenkins-1.625.2
jenkins-1.625.2-rc1
jenkins-1.625.3
jenkins-1.625.3-rc1
jenkins-1.625.3-rc2
jenkins-1.626
jenkins-1.627
jenkins-1.628
jenkins-1.629
jenkins-1.630
jenkins-1.631
jenkins-1.632
jenkins-1.633
jenkins-1.634
jenkins-1.635
jenkins-1.636
jenkins-1.637
jenkins-1.638
jenkins-1.639
jenkins-1.640
jenkins-1.641
jenkins-1.642
jenkins-1.642.1
jenkins-1.642.1-rc1
jenkins-1.642.2
jenkins-1.642.2-rc1
jenkins-1.642.3
jenkins-1.643
jenkins-1.644
jenkins-1.645
jenkins-1.646
jenkins-1.647
jenkins-1.648
jenkins-1.649
jenkins-1.650
jenkins-1.651
jenkins-1.651.1
jenkins-1.651.2
jenkins-1.651.3
jenkins-1.652
jenkins-1.653
jenkins-1.654
jenkins-1.655
jenkins-1.656
jenkins-2.*
jenkins-2.0
jenkins-2.0-alpha-1
jenkins-2.0-alpha-2
jenkins-2.0-alpha-3
jenkins-2.0-alpha-4
jenkins-2.0-beta-1
jenkins-2.0-beta-2
jenkins-2.0-rc-1
jenkins-2.1
jenkins-2.10
jenkins-2.100
jenkins-2.101
jenkins-2.102
jenkins-2.103
jenkins-2.104
jenkins-2.105
jenkins-2.106
jenkins-2.107
jenkins-2.107.1
jenkins-2.107.2
jenkins-2.107.3
jenkins-2.108
jenkins-2.109
jenkins-2.11
jenkins-2.110
jenkins-2.111
jenkins-2.112
jenkins-2.113
jenkins-2.114
jenkins-2.115
jenkins-2.116
jenkins-2.117
jenkins-2.118
jenkins-2.119
jenkins-2.12
jenkins-2.120
jenkins-2.121
jenkins-2.121.1
jenkins-2.121.2
jenkins-2.121.3
jenkins-2.122
jenkins-2.124
jenkins-2.125
jenkins-2.126
jenkins-2.127
jenkins-2.128
jenkins-2.129
jenkins-2.13
jenkins-2.130
jenkins-2.131
jenkins-2.132
jenkins-2.133
jenkins-2.134
jenkins-2.135
jenkins-2.136
jenkins-2.137
jenkins-2.138
jenkins-2.138.1
jenkins-2.138.2
jenkins-2.138.3
jenkins-2.138.4
jenkins-2.14
jenkins-2.140
jenkins-2.141
jenkins-2.142
jenkins-2.143
jenkins-2.144
jenkins-2.145
jenkins-2.146
jenkins-2.147
jenkins-2.148
jenkins-2.149
jenkins-2.15
jenkins-2.150
jenkins-2.150.1
jenkins-2.150.2
jenkins-2.150.3
jenkins-2.151
jenkins-2.152
jenkins-2.153
jenkins-2.154
jenkins-2.155
jenkins-2.156
jenkins-2.157
jenkins-2.158
jenkins-2.159
jenkins-2.16
jenkins-2.160
jenkins-2.161
jenkins-2.162
jenkins-2.163
jenkins-2.164
jenkins-2.164.1
jenkins-2.164.2
jenkins-2.164.3
jenkins-2.165
jenkins-2.166
jenkins-2.167
jenkins-2.168
jenkins-2.169
jenkins-2.17
jenkins-2.170
jenkins-2.171
jenkins-2.172
jenkins-2.173
jenkins-2.174
jenkins-2.175
jenkins-2.176
jenkins-2.176.1
jenkins-2.176.2
jenkins-2.176.3
jenkins-2.176.4
jenkins-2.177
jenkins-2.178
jenkins-2.179
jenkins-2.18
jenkins-2.180
jenkins-2.181
jenkins-2.182
jenkins-2.183
jenkins-2.184
jenkins-2.185
jenkins-2.186
jenkins-2.187
jenkins-2.189
jenkins-2.19
jenkins-2.19.1
jenkins-2.19.2
jenkins-2.19.3
jenkins-2.19.4
jenkins-2.190
jenkins-2.190.1
jenkins-2.190.2
jenkins-2.190.3
jenkins-2.191
jenkins-2.192
jenkins-2.193
jenkins-2.194
jenkins-2.195
jenkins-2.196
jenkins-2.197
jenkins-2.198
jenkins-2.199
jenkins-2.2
jenkins-2.20
jenkins-2.200
jenkins-2.201
jenkins-2.202
jenkins-2.203
jenkins-2.204
jenkins-2.204.1
jenkins-2.204.2
jenkins-2.204.3
jenkins-2.204.4
jenkins-2.204.5
jenkins-2.21
jenkins-2.22
jenkins-2.23
jenkins-2.24
jenkins-2.25
jenkins-2.26
jenkins-2.27
jenkins-2.28
jenkins-2.29
jenkins-2.3
jenkins-2.30
jenkins-2.31
jenkins-2.32
jenkins-2.32.1
jenkins-2.32.2
jenkins-2.32.3
jenkins-2.33
jenkins-2.34
jenkins-2.35
jenkins-2.36
jenkins-2.37
jenkins-2.38
jenkins-2.39
jenkins-2.4
jenkins-2.40
jenkins-2.41
jenkins-2.42
jenkins-2.43
jenkins-2.44
jenkins-2.45
jenkins-2.46
jenkins-2.46.1
jenkins-2.46.2
jenkins-2.46.3
jenkins-2.47
jenkins-2.48
jenkins-2.49
jenkins-2.5
jenkins-2.50
jenkins-2.51
jenkins-2.52
jenkins-2.53
jenkins-2.54
jenkins-2.55
jenkins-2.56
jenkins-2.57
jenkins-2.58
jenkins-2.59
jenkins-2.6
jenkins-2.60
jenkins-2.60.1
jenkins-2.60.2
jenkins-2.60.3
jenkins-2.61
jenkins-2.62
jenkins-2.63
jenkins-2.64
jenkins-2.65
jenkins-2.66
jenkins-2.67
jenkins-2.68
jenkins-2.69
jenkins-2.7
jenkins-2.7.1
jenkins-2.7.2
jenkins-2.7.3
jenkins-2.7.4
jenkins-2.70
jenkins-2.71
jenkins-2.72
jenkins-2.73
jenkins-2.73.1
jenkins-2.73.2
jenkins-2.73.3
jenkins-2.74
jenkins-2.75
jenkins-2.76
jenkins-2.77
jenkins-2.78
jenkins-2.79
jenkins-2.8
jenkins-2.80
jenkins-2.81
jenkins-2.82
jenkins-2.83
jenkins-2.84
jenkins-2.85
jenkins-2.86
jenkins-2.87
jenkins-2.88
jenkins-2.89
jenkins-2.89.1
jenkins-2.89.2
jenkins-2.89.3
jenkins-2.89.4
jenkins-2.9
jenkins-2.90
jenkins-2.91
jenkins-2.92
jenkins-2.93
jenkins-2.94
jenkins-2.95
jenkins-2.96
jenkins-2.97
jenkins-2.98
jenkins-2.99
prototype-1.*
prototype-1.5.1.1
prototype-1.7

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-2160.json"