CVE-2020-2298

Summary

Jenkins Nerrvana Plugin 1.02.06 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Nerrvana Pluginunspecified <= 1.02.06affected
Jenkins projectJenkins Nerrvana Pluginnext of 1.02.06 < unspecifiedunknown

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References