Klocwork Analysis
1 CVEs
product
Monthly
Jenkins Klocwork Analysis Plugin 2020.2.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Jenkins
XXE
Klocwork Analysis
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2020-2247
Maven
EPSS 1%
CVSS 6.5
MEDIUM
PATCH
This Month
Jenkins Klocwork Analysis Plugin 2020.2.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Jenkins
XXE
Klocwork Analysis
NVD