CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-64134

Jenkins JDepend Plugin 1.3.1 and earlier includes an outdated version of JDepend Maven Plugin that does not configure its XML parser to prevent XML external entity (XXE) attacks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 14.3%

CVSS Severity

CVSS v3 Score 7.1

References

Products affected by CVE-2025-64134

Jenkins » Jdepend » Version: 1.0

cpe:2.3:a:jenkins:jdepend:1.0
Jenkins » Jdepend » Version: 1.1

cpe:2.3:a:jenkins:jdepend:1.1
Jenkins » Jdepend » Version: 1.1.1

cpe:2.3:a:jenkins:jdepend:1.1.1
Jenkins » Jdepend » Version: 1.1.2

cpe:2.3:a:jenkins:jdepend:1.1.2
Jenkins » Jdepend » Version: 1.1.3

cpe:2.3:a:jenkins:jdepend:1.1.3
Jenkins » Jdepend » Version: 1.1.4

cpe:2.3:a:jenkins:jdepend:1.1.4
Jenkins » Jdepend » Version: 1.2

cpe:2.3:a:jenkins:jdepend:1.2
Jenkins » Jdepend » Version: 1.2.1

cpe:2.3:a:jenkins:jdepend:1.2.1
Jenkins » Jdepend » Version: 1.2.2

cpe:2.3:a:jenkins:jdepend:1.2.2
Jenkins » Jdepend » Version: 1.2.3

cpe:2.3:a:jenkins:jdepend:1.2.3
Jenkins » Jdepend » Version: 1.2.4

cpe:2.3:a:jenkins:jdepend:1.2.4
Jenkins » Jdepend » Version: 1.3.0

cpe:2.3:a:jenkins:jdepend:1.3.0
Jenkins » Jdepend » Version: 1.3.1

cpe:2.3:a:jenkins:jdepend:1.3.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-64134

Products

Pricing

Contact Us