CVE-2021-21701

Jenkins Performance Plugin 3.20 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

Xxe

Jenkins Performance Plugin 3.20 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

CVE-2021-21701

Jenkins Performance Plugin 3.20 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

CVE-2021-21701

Summary: CVE-2021-21701 affects Jenkins Performance Plugin 3.20 and earlier. The root cause is an XML parser not configured to prevent XML External Entity (XXE) attacks. What’s affected: the Performance Plugin in Jenkins; versions ≤ 3.20. Impact (as described in connected sources): an attacker wi...

Jenkins 代码问题漏洞

Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.A code issue vulnerability exists in Jenkins Plugin that stems from the Performance plugin version 3.20 and earlier not...

PT-2021-14732 · Jenkins · Jenkins Perforce Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Performance Plugin versions 3.20 and earlier Description: The issue is related to the XML parser not being configured to prevent XML external entity XXE attacks. This allows attackers who can control workspace contents to have Jenkins...