2 matches found
CVE-2021-43577
Jenkins OWASP Dependency-Check Plugin 5.1.1 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
org.jenkins-ci.plugins:dependency-check-jenkins-plugin (>=3.3.4 <=4.0.2) potentially affected by CVE-2021-21633 via org.jenkins-ci.plugins:dependency-track (=1.1.1)
org.jenkins-ci.plugins:dependency-track MAVEN version =1.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on org.jenkins-ci.plugins:dependency-track and may be impacted: - org.jenkins-ci.plugins:dependency-check-jenkins-plugin =3.3.4, =4.0.2 Source cve...