3.15

DATE	CVE	VULNERABILITY TITLE	RISK
2020-06-03	CVE-2020-2192	Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Self-Organizing Swarm Modules A cross-site request forgery vulnerability in Jenkins Self-Organizing Swarm Plug-in Modules Plugin 3.20 and earlier allows attackers to add or remove agent labels. network low complexity jenkins CWE-352	6.5
2020-06-03	CVE-2020-2191	Incorrect Default Permissions vulnerability in Jenkins Self-Organizing Swarm Modules Jenkins Self-Organizing Swarm Plug-in Modules Plugin 3.20 and earlier does not check permissions on API endpoints that allow adding and removing agent labels. network low complexity jenkins CWE-276	4.3