Skip to main content

Cobertura

2 CVEs product

Monthly

CVE-2020-2139 Maven MEDIUM PATCH This Month

An arbitrary file write vulnerability in Jenkins Cobertura Plugin 1.15 and earlier allows attackers able to control the coverage report file contents to overwrite any file on the Jenkins master file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Path Traversal Cobertura
NVD
CVSS 3.1
6.5
EPSS
1.6%
CVE-2020-2138 Maven HIGH PATCH This Week

Jenkins Cobertura Plugin 1.15 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins XXE Cobertura
NVD
CVSS 3.1
7.1
EPSS
0.9%
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

An arbitrary file write vulnerability in Jenkins Cobertura Plugin 1.15 and earlier allows attackers able to control the coverage report file contents to overwrite any file on the Jenkins master file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins Path Traversal Cobertura
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

Jenkins Cobertura Plugin 1.15 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins XXE Cobertura
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy