VYPR

Cobertura Plugin

by Jenkins Project

Source repositories

CVEs (2)

  • CVE-2020-2139Mar 9, 2020
    risk 0.00cvss epss 0.02

    An arbitrary file write vulnerability in Jenkins Cobertura Plugin 1.15 and earlier allows attackers able to control the coverage report file contents to overwrite any file on the Jenkins master file system.

  • CVE-2020-2138Mar 9, 2020
    risk 0.00cvss epss 0.01

    Jenkins Cobertura Plugin 1.15 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.