Lucene search

Code Coverage Api Security Vulnerabilities

cve

CVE-2021-21677

Jenkins Code Coverage API Plugin 1.4.0 and earlier does not apply Jenkins JEP-200 deserialization protection to Java objects it deserializes from disk, resulting in a remote code execution...

8.8CVSS

9.1AI Score

0.004EPSS

2021-08-31 02:15 PM

cve

CVE-2020-2172

Jenkins Code Coverage API Plugin 1.1.4 and earlier does not configure its XML parser to prevent XML external entity (XXE)...

6.5CVSS

6.5AI Score

0.001EPSS

2020-04-07 01:15 PM

cve

CVE-2020-2106

Jenkins Code Coverage API Plugin 1.1.2 and earlier does not escape the filename of the coverage report used in its view, resulting in a stored XSS vulnerability exploitable by users able to change job...

5.4CVSS

5.6AI Score

0.001EPSS

2020-01-29 04:15 PM