Lucene search

K

RedhatCVELIST:CVE-2015-3160

HistorySep 06, 2017 - 9:00 p.m.

CVE-2015-3160

2017-09-0621:00:00

redhat

www.cve.org

2

AI Score

4.2

Confidence

High

EPSS

0.001

Percentile

43.7%

XML external entity (XXE) vulnerability in bkr/server/jobs.py in Beaker before 20.1 allows remote authenticated users to obtain sensitive information via submitting job XML to the server containing entity references which reference files from the Beaker server’s file system.

References

www.openwall.com/lists/oss-security/2015/05/08/1

www.securityfocus.com/bid/74569

beaker-project.org/jenkins-results/beaker-review-checks-docs/995/documentation/_build/html/whats-new/release-20.html#beaker-20-1

bugzilla.redhat.com/attachment.cgi?id=1020003

bugzilla.redhat.com/show_bug.cgi?id=1215020

AI Score

4.2

Confidence

High

EPSS

0.001

Percentile

43.7%

Related for CVELIST:CVE-2015-3160

cve1 nvd1 prion1