Maven package
org.jenkins-ci.plugins/valgrind
pkg:maven/org.jenkins-ci.plugins/valgrind
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-2246 | — | <= 0.28 | — | Sep 1, 2020 | Jenkins Valgrind Plugin 0.28 and earlier does not escape content in Valgrind XML reports, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control Valgrind XML report contents. | ||
| CVE-2020-2245 | — | <= 0.28 | — | Sep 1, 2020 | Jenkins Valgrind Plugin 0.28 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. |
- CVE-2020-2246Sep 1, 2020affected <= 0.28
Jenkins Valgrind Plugin 0.28 and earlier does not escape content in Valgrind XML reports, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control Valgrind XML report contents.
- CVE-2020-2245Sep 1, 2020affected <= 0.28
Jenkins Valgrind Plugin 0.28 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.