7 matches found
EUVD-2022-6995
Malicious code in bioql PyPI...
CVE-2022-43415
Jenkins REPO Plugin 1.15.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
CVE-2022-30949
Jenkins REPO Plugin 1.14.0 and earlier allows attackers able to configure pipelines to check out some SCM repositories stored on the Jenkins controller's file system using local paths as SCM URLs, obtaining limited information about other projects' SCM contents...
CVE-2022-43415
Jenkins REPO Plugin 1.15.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
PT-2022-26900 · Jenkins · Jenkins Repo Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins REPO Plugin versions 1.15.0 and earlier
Description: The issue allows attackers who can control which repo binary is executed on agents to have Jenkins parse a crafted XML document. This can lead to extraction of secrets from the...
CVE-2022-43415
Jenkins REPO Plugin 1.15.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
PT-2022-20403 · Jenkins · Jenkins Repo Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins REPO Plugin versions 1.14.0 and earlier
Description: The issue allows attackers who can configure pipelines to check out some SCM repositories stored on the Jenkins controller's file system using local paths as SCM URLs. This enables...