Owasp Dependency-check@* Security Vulnerabilities and Issues — Owasp Dependency-check@* CVE List

Lucene search

JenkinsOwasp Dependency-check*

2 matches found

CVE•added 2024/03/06 5:15 p.m.•62 views

CVE-2024-28153

Jenkins OWASP Dependency-Check Plugin 5.4.5 and earlier does not escape vulnerability metadata from Dependency-Check reports, resulting in a stored cross-site scripting (XSS) vulnerability.

7.3CVSS5.4AI score0.00825EPSS

CVE•added 2021/11/12 11:15 a.m.•61 views

CVE-2021-43577

Jenkins OWASP Dependency-Check Plugin 5.1.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

7.1CVSS6.8AI score0.01983EPSS