Find real vulnerabilities before they ship
Vulnerability Database › maven › CVE-2025-64134
Jenkins JDepend Plugin 1.3.1 and earlier includes an outdated version of JDepend Maven Plugin that does not configure its XML parser to prevent XML external entity (XXE) attacks.
Base Score