cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-21677,https://securityvulnerability.io/vulnerability/CVE-2021-21677,Remote Code Execution Vulnerability in Jenkins Code Coverage API Plugin by Jenkins,"The Jenkins Code Coverage API Plugin versions 1.4.0 and prior are vulnerable due to a failure to maintain appropriate deserialization protections as specified by Jenkins Enhancement Proposal (JEP) 200. This oversight allows an attacker to exploit the deserialization of Java objects from disk, leading to potential remote code execution. It is crucial for users to update to the latest version to mitigate the risks associated with this vulnerability.",Jenkins,Jenkins Code Coverage Api Plugin,8.8,HIGH,0.0017300000181421638,false,,false,false,false,,,false,false,,2021-08-31T13:50:13.000Z,0
CVE-2020-2172,https://securityvulnerability.io/vulnerability/CVE-2020-2172,,Jenkins Code Coverage API Plugin 1.1.4 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.,Jenkins,Jenkins Code Coverage Api Plugin,6.5,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2020-04-07T12:25:23.000Z,0
CVE-2020-2106,https://securityvulnerability.io/vulnerability/CVE-2020-2106,,"Jenkins Code Coverage API Plugin 1.1.2 and earlier does not escape the filename of the coverage report used in its view, resulting in a stored XSS vulnerability exploitable by users able to change job configurations.",Jenkins,Jenkins Code Coverage Api Plugin,5.4,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2020-01-29T15:15:30.000Z,0