Lucene search
GoogleOSV:CVE-2018-1000054HistoryFeb 09, 2018 - 11:29 p.m.
CVE-2018-1000054
2018-02-0923:29:01
Google
osv.dev
3
0.001 Low
EPSS
Percentile
42.8%
Jenkins CCM Plugin 3.1 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ccm-plugin | eq | ccm-3.0.1 | |
| ccm-plugin | eq | ccm-3.0 | |
| ccm-plugin | eq | ccm-3.1 | |
| ccm-plugin | eq | ccm-3.0.2 | |
| ccm-plugin | eq | ccm-2.6.1 | |
| ccm-plugin | eq | ccm-2.6 |
References
Related
nvd
nvd
CVE-2018-1000054
2018-02-09 23:29:01
cvelist
cvelist
CVE-2018-1000054
2018-02-09 23:00:00
cve
cve
CVE-2018-1000054
2018-02-09 23:29:01
prion
prion
Server side request forgery (ssrf)
2018-02-09 23:29:00
github
github
osv
osv
alpinelinux
alpinelinux
CVE-2018-1000054
2018-02-09 23:29:01