4 matches found
CVE-2022-25209
Jenkins Chef Sinatra Plugin 1.20 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-25209
creationtimestamp| type| source ---|---|--- 2022-02-15 20:35:56+00:00| seen| https://t.me/cibsecurity/37526...
CVE-2022-25209
Jenkins Chef Sinatra Plugin 1.20 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-25209
CVE-2022-25209 affects the Jenkins Chef Sinatra Plugin (versions 1.20 and earlier). The root cause is that the plugin does not configure its XML parser to prevent XML External Entity (XXE) attacks, enabling crafted XML responses to be parsed with potential exposure of secrets from the Jenkins con...