Skip to main content

Valgrind

2 CVEs product

Monthly

CVE-2020-2246 Maven MEDIUM This Month

Jenkins Valgrind Plugin 0.28 and earlier does not escape content in Valgrind XML reports, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Valgrind
NVD
CVSS 3.1
5.4
EPSS
0.8%
CVE-2020-2245 Maven HIGH This Week

Jenkins Valgrind Plugin 0.28 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins XXE Valgrind
NVD
CVSS 3.1
7.1
EPSS
0.9%
EPSS 1% CVSS 5.4
MEDIUM This Month

Jenkins Valgrind Plugin 0.28 and earlier does not escape content in Valgrind XML reports, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Valgrind
NVD
EPSS 1% CVSS 7.1
HIGH This Week

Jenkins Valgrind Plugin 0.28 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins XXE Valgrind
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy