Lucene search
Jenkins OWASP Dependency-Check Plugin Security Vulnerabilities
cve
Jenkins OWASP Dependency-Check Plugin 5.4.5 and earlier does not escape vulnerability metadata from Dependency-Check reports, resulting in a stored cross-site scripting (XSS)...
5.4AI Score
0.0004EPSS
2024-03-06 05:15 PM
36
cve
Jenkins OWASP Dependency-Check Plugin 5.1.1 and earlier does not configure its XML parser to prevent XML external entity (XXE)...
7.1CVSS
6.8AI Score
0.001EPSS
2021-11-12 11:15 AM
45
cve
A missing permission check in Jenkins OWASP Dependency-Track Plugin 3.1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL, capturing credentials stored in...
6.5CVSS
6.2AI Score
0.001EPSS
2021-03-30 12:16 PM
53
2