Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:30 p.m.8 views

CVE-2020-2315

Jenkins Visualworks Store Plugin 1.1.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

6.5CVSS6.7AI score0.00274EPSS
Exploits0
OSV
OSV
added 2022/05/24 5:33 p.m.13 views

GHSA-JVJM-J945-8QWC XXE vulnerability in Jenkins Visualworks Store Plugin

Jenkins Visualworks Store Plugin 1.1.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers with the ability to control the output of a script that run Visualworks with StoreCI, or able to control an agent process, to have Jenkins parse a...

6.5CVSS6.4AI score0.00274EPSS
Exploits0References4
Github Security Blog
Github Security Blog
added 2022/05/24 5:33 p.m.72 views

XXE vulnerability in Jenkins Visualworks Store Plugin

Jenkins Visualworks Store Plugin 1.1.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers with the ability to control the output of a script that run Visualworks with StoreCI, or able to control an agent process, to have Jenkins parse a...

6.5CVSS6.2AI score0.00274EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2020/11/04 3:15 p.m.9 views

CVE-2020-2315

Jenkins Visualworks Store Plugin 1.1.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

6.5CVSS6.5AI score0.00274EPSS
Exploits0References1
Prion
Prion
added 2020/11/04 3:15 p.m.10 views

Xxe

Jenkins Visualworks Store Plugin 1.1.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

4CVSS6.4AI score0.00274EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/11/04 2:35 p.m.12 views

CVE-2020-2315

Jenkins Visualworks Store Plugin 1.1.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

6.5AI score0.00274EPSS
Exploits0References1
CVE
CVE
added 2020/11/04 2:35 p.m.61 views

CVE-2020-2315

The CVE-2020-2315 issue affects Jenkins Visualworks Store Plugin versions 1.1.3 and earlier. The root cause is that the plugin’s XML parser does not disable XML External Entity (XXE) processing, enabling crafted XML to potentially reveal secrets from the Jenkins controller or facilitate SSRF-like...

6.5CVSS6.4AI score0.00274EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder