Vulnerabilities (CVE)

Filtered by vendor Jenkins
Filtered by product Owasp Dependency-check
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-43577 1 Jenkins 1 Owasp Dependency-check 2024-11-21 5.5 MEDIUM 7.1 HIGH
Jenkins OWASP Dependency-Check Plugin 5.1.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
CVE-2017-1000109 1 Jenkins 1 Owasp Dependency-check 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The custom Details view of the Static Analysis Utilities based OWASP Dependency-Check Plugin was vulnerable to a persisted cross-site scripting vulnerability: malicious users able to influence the input to this plugin could insert arbitrary HTML into this view.