Nerrvana
1 CVEs
product
Monthly
Jenkins Nerrvana Plugin 1.02.06 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
XXE
Jenkins
Nerrvana
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2020-2298
Maven
EPSS 1%
CVSS 6.5
MEDIUM
This Month
Jenkins Nerrvana Plugin 1.02.06 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
XXE
Jenkins
Nerrvana
NVD