15 matches found
PT-2025-52971
Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified Description: The Linux kernel contains a flaw within the SCSI subsystem, specifically in the qla2xxx driver. A check for a valid return value from the fc_bsg_to_rport function was missing, potentiall...
EUVD-2022-4694
Malicious code in bioql PyPI...
EUVD-2025-31931
Malicious code in bioql PyPI...
UBUNTU-CVE-2023-53150
In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Pointer may be dereferenced Klocwork tool reported pointer 'rport' returned from call to function fc_bsg_to_rport may be NULL and will be dereferenced. Add a fix to validate rport before dereferencing...
SUSE CVE-2020-2247
Jenkins Klocwork Analysis Plugin 2020.2.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
XXE vulnerability in Jenkins Klocwork Analysis Plugin
Klocwork Analysis Plugin 2020.2.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. This allows a user able to control the input files for the Klocwork plugin parser to have Jenkins parse a crafted file that uses external entities for extraction of secrets...
GHSA-P6C5-737R-2R93 XXE vulnerability in Jenkins Klocwork Analysis Plugin
Klocwork Analysis Plugin 2020.2.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. This allows a user able to control the input files for the Klocwork plugin parser to have Jenkins parse a crafted file that uses external entities for extraction of secrets...
CloudBees Jenkins XXE Vulnerability
CloudBees Jenkins (Hudson Labs) is a set of Java-based continuous integration tools from the United States company CloudBees. The product is mainly used to monitor continuous software release and testing projects and to run scheduled tasks. An XXE vulnerability exists in...
CVE-2020-2247
Jenkins Klocwork Analysis Plugin 2020.2.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
CVE-2020-2247
Jenkins Klocwork Analysis Plugin 2020.2.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
XXE
Jenkins Klocwork Analysis Plugin 2020.2.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
CVE-2020-2247
CVE-2020-2247 affects the Jenkins Klocwork Analysis Plugin, where versions 2020.2.1 and earlier do not configure their XML parser to prevent XML external entity (XXE) attacks. This security gap could allow crafted input files to trigger XXE processing on the Jenkins server. The Connected document...
CVE-2020-2247
Jenkins Klocwork Analysis Plugin 2020.2.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
CVE-2020-2247
Jenkins Klocwork Analysis Plugin 2020.2.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
PT-2020-15470 · Jenkins · Jenkins Klocwork Analysis Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Klocwork Analysis Plugin versions 2020.2.1 and earlier Description: The issue concerns an XML external entity (XXE) attack. This occurs because the XML parser is not configured to prevent such attacks, allowing a user who can control th...