CVE-2020-2247

Summary

Jenkins Klocwork Analysis Plugin 2020.2.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Klocwork Analysis Pluginunspecified <= 2020.2.1affected
Jenkins projectJenkins Klocwork Analysis Pluginnext of 2020.2.1 < unspecifiedunknown

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References