Valgrind Plugin

CVEs (2)

• CVE-2020-2245Sep 1, 2020
  Jenkins Project

  Valgrind Plugin
  risk 0.00cvss —epss 0.01

  Jenkins Valgrind Plugin 0.28 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

• CVE-2020-2246Sep 1, 2020
  Jenkins Project

  Valgrind Plugin
  risk 0.00cvss —epss 0.01

  Jenkins Valgrind Plugin 0.28 and earlier does not escape content in Valgrind XML reports, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control Valgrind XML report contents.