CVE-2020-2172

Summary

Jenkins Code Coverage API Plugin 1.1.4 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Code Coverage API Pluginunspecified <= 1.1.4affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References