CVE-2020-2252

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2020-2252

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-2252.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2020-2252

Aliases

GHSA-6fr3-286q-q3cr

Downstream

RHSA-2020:4297

RHSA-2020:5102

Published

2020-09-16T14:15:13Z

Modified

2026-04-11T20:41:38.304520Z

Severity

4.8 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

Jenkins Mailer Plugin 1.32 and earlier does not perform hostname validation when connecting to the configured SMTP server.

References

Affected packages

Git / github.com/jenkinsci/mailer-plugin

Affected ranges

Type

GIT

Repo

https://github.com/jenkinsci/mailer-plugin

Events

Introduced

Last affected

3997c089a018ae98a0ae18cb1d3c37bcc46cef3a

Database specific

{
    "cpe": "cpe:2.3:a:jenkins:mailer:*:*:*:*:*:jenkins:*:*",
    "source": "CPE_FIELD",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.32"
        }
    ]
}

Affected versions

mailer-1.*

mailer-1.0

mailer-1.1

mailer-1.10

mailer-1.11

mailer-1.12

mailer-1.12-beta-1

mailer-1.13

mailer-1.14

mailer-1.15

mailer-1.16

mailer-1.17

mailer-1.18

mailer-1.19

mailer-1.2

mailer-1.20

mailer-1.21

mailer-1.22

mailer-1.23

mailer-1.23-beta-1

mailer-1.23-beta-2

mailer-1.24

mailer-1.25

mailer-1.26

mailer-1.27

mailer-1.28

mailer-1.29

mailer-1.3

mailer-1.30

mailer-1.31

mailer-1.32

mailer-1.4

mailer-1.5

mailer-1.6

mailer-1.7

mailer-1.8

mailer-1.9

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-2252.json"