Jenkins Project Jenkins Owasp Dependency-Check Plugin vulnerabilities
2 known vulnerabilities affecting jenkins_project/jenkins_owasp_dependency-check_plugin.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2024-28153MEDIUMCVSS 5.4≤ 5.4.52024-03-06
CVE-2024-28153 [MEDIUM] CWE-79 CVE-2024-28153: Jenkins OWASP Dependency-Check Plugin 5.4.5 and earlier does not escape vulnerability metadata from
Jenkins OWASP Dependency-Check Plugin 5.4.5 and earlier does not escape vulnerability metadata from Dependency-Check reports, resulting in a stored cross-site scripting (XSS) vulnerability.
cvelistv5nvd
CVE-2021-43577HIGHCVSS 7.1≥ unspecified, ≤ 5.1.12021-11-12
CVE-2021-43577 [HIGH] CWE-611 CVE-2021-43577: Jenkins OWASP Dependency-Check Plugin 5.1.1 and earlier does not configure its XML parser to prevent
Jenkins OWASP Dependency-Check Plugin 5.1.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
cvelistv5nvd