Jenkins - Valgrind CVE - CVE Search - CVE Details

Filtered by vendor Jenkins Subscribe

Filtered by product Valgrind

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-2245	1 Jenkins	1 Valgrind	2020-09-04	5.5 MEDIUM	7.1 HIGH
Jenkins Valgrind Plugin 0.28 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
CVE-2020-2246	1 Jenkins	1 Valgrind	2020-09-04	3.5 LOW	5.4 MEDIUM
Jenkins Valgrind Plugin 0.28 and earlier does not escape content in Valgrind XML reports, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control Valgrind XML report contents.

Vulnerabilities (CVE)