Upstream information

CVE-2020-2247 at MITRE

Description

Jenkins Klocwork Analysis Plugin 2020.2.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having low severity.

SUSE Bugzilla entry: 1176045 [RESOLVED / FIXED]

No SUSE Security Announcements cross referenced.