Path Traversal
An arbitrary file write vulnerability in Jenkins Cobertura Plugin allows attackers to overwrite any file on the Jenkins master file system.
Advisories for Maven/Org.jenkins-Ci.plugins/Cobertura package
2020
Improper Restriction of XML External Entity Reference
The Jenkins Cobertura Plugin does not configure its XML parser to prevent XML external entity (XXE) attacks.