GHSA-2RH4-XGMQ-63JP XXE vulnerability in Jenkins Parasoft Findings Plugin

Parasoft Findings Plugin implements a static analysis parser for various Parasoft products and integrates with Warnings Plugin 10.4.1 and earlier and Warnings NG Plugin 10.4.2 and newer. Parasoft Findings Plugin 10.4.3 and earlier does not configure its XML parser to prevent XML external entity X...

CloudBees Jenkins Parasoft Findings Plugin Code Issue Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Parasoft Findings Plugin is used in one of th...

CVE-2020-2178

Jenkins Parasoft Findings Plugin 10.4.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

CVE-2020-2178

Jenkins Parasoft Findings Plugin 10.4.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

CVE-2020-2178

What’s affected: Jenkins Parasoft Findings Plugin (versions 10.4.3 and earlier) used in Jenkins. Root cause: The plugin’s XML parser is not configured to disable XML external entities (XXE) attacks. Impact: An attacker who can control input to the Parasoft Findings parser could cause the parser t...

CVE-2020-2178

Jenkins Parasoft Findings Plugin 10.4.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

CVE-2020-2178

Jenkins Parasoft Findings Plugin 10.4.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

PT-2020-15391 · Jenkins · Jenkins Parasoft Findings Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Parasoft Findings Plugin versions 10.4.3 and earlier Description: The issue allows a user who can control the input files for the Parasoft Findings parser to have Jenkins parse a crafted file that uses external entities for extraction...