3 matches found
CVE-2020-2245
Jenkins Valgrind Plugin 0.28 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2020-2245
CVE-2020-2245 affects Jenkins Valgrind Plugin 0.28 and earlier. The root cause is an XML parser not configured to disable external entities, enabling XXE attacks. In-the-wild impact described in a GHSA advisory includes the possibility of parsing crafted input to exfiltrate secrets or trigger SSR...
CVE-2020-2245
Jenkins Valgrind Plugin 0.28 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...