CVE-2022-45386

Jenkins Violations Plugin 0.7.11 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

PT-2022-17148 · Jenkins · Jenkins Chef Sinatra Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Chef Sinatra Plugin versions 1.20 and earlier Description: The issue arises from the plugin not configuring its XML parser to prevent XML external entity XXE attacks, allowing attackers to have Jenkins parse a crafted XML response for...

CloudBees Jenkins Code Coverage API Plugin XXE Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company a set of Java-based development of continuous integration tools . The product is mainly used to monitor the continuous software version release/testing project and some timed execution of the task . CloudBees Jenkins Code Covera...