4 matches found
CVE-2022-45386
Jenkins Violations Plugin 0.7.11 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-45386
Jenkins Violations Plugin 0.7.11 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-45386
Jenkins Violations Plugin 0.7.11 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-45386
CVE-2022-45386 affects Jenkins Violations Plugin, version 0.7.11 and earlier. The root cause is that the plugin’s XML parser does not prevent XML External Entity (XXE) attacks, enabling an attacker to influence XML input for the Report Violations step and potentially exfiltrate data or trigger se...