VYPR

Maven package

org.jenkins-ci.plugins/cobertura

pkg:maven/org.jenkins-ci.plugins/cobertura

Vulnerabilities (2)

  • CVE-2020-2139Mar 9, 2020
    affected < 1.16fixed 1.16

    An arbitrary file write vulnerability in Jenkins Cobertura Plugin 1.15 and earlier allows attackers able to control the coverage report file contents to overwrite any file on the Jenkins master file system.

  • CVE-2020-2138Mar 9, 2020
    affected < 1.16fixed 1.16

    Jenkins Cobertura Plugin 1.15 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.