Lucene search
China National Vulnerability DatabaseCNVD-2021-93371HistoryNov 17, 2021 - 12:00 a.m.
Jenkins code issue vulnerability (CNVD-2021-93371)
2021-11-1700:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
0.001 Low
EPSS
Percentile
28.6%
Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.A code issue vulnerability exists in Jenkins Plugin, which stems from OWASP Dependency-Check version 5.1.1 and earlier not configuring its XML parser to prevent XML External Entity (XXE) attacks. No detailed vulnerability details are available at this time.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jenkins owasp dependency-check | le | 5.1.1 |
Related
cvelist
cvelist
CVE-2021-43577
2021-11-12 10:35:21
nvd
nvd
CVE-2021-43577
2021-11-12 11:15:08
osv
osv
CVE-2021-43577
2021-11-12 11:15:08
XXE vulnerability in Jenkins OWASP Dependency-Check Plugin
2022-05-24 19:20:32
alpinelinux
alpinelinux
CVE-2021-43577
2021-11-12 11:15:08
cve
cve
CVE-2021-43577
2021-11-12 11:15:08
prion
prion
Xxe
2021-11-12 11:15:00
github
github
XXE vulnerability in Jenkins OWASP Dependency-Check Plugin
2022-05-24 19:20:32