Lucene search
K

4 matches found

Github Security Blog
Github Security Blog
added 2022/05/24 5:35 p.m.29 views

XXE vulnerability in Jenkins CVS Plugin

Jenkins CVS Plugin 2.16 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control an agent process to have Jenkins parse a crafted changelog file that uses external entities for extraction of secrets from the Jenkins controller...

7.5CVSS7.2AI score0.01342EPSS
Exploits0References5Affected Software1
RedHat Linux
RedHat Linux
added 2021/03/03 12:28 p.m.10 views

jenkins-2-plugins/subversion: XML parser is not preventing XML external entity (XXE) attacks

A flaw was found in the subversion Jenkins plugin. The XML parser is not properly configured to prevent XML external entity XXE attacks allowing an attacker the ability to control an agent process and have Jenkins parse a crafted changelog file that uses external entities for extraction of secret...

6.5CVSS7.1AI score0.01478EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2021/01/20 4:38 a.m.8 views

jenkins-2-plugins/subversion: XML parser is not preventing XML external entity (XXE) attacks

A flaw was found in the subversion Jenkins plugin. The XML parser is not properly configured to prevent XML external entity XXE attacks allowing an attacker the ability to control an agent process and have Jenkins parse a crafted changelog file that uses external entities for extraction of secret...

6.5CVSS7.1AI score0.01478EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2020/12/03 12:0 a.m.6 views

PT-2020-15558 · Jenkins · Jenkins Cas Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins CVS Plugin versions 2.16 and earlier Description: The issue allows attackers who can control an agent process to have Jenkins parse a crafted changelog file, using external entities for extraction of secrets from the Jenkins controlle...

7.5CVSS7.4AI score0.01342EPSS
Exploits0References8
Rows per page
Query Builder