2720 matches found
CVE-2023-28680
Jenkins Crap4J Plugin 0.9 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2023-28685
Jenkins AbsInt a³ Plugin 1.1.0 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2023-28681
Jenkins Visual Studio Code Metrics Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2023-28682
Jenkins Performance Publisher Plugin 8.09 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2023-24430
Jenkins Semantic Versioning Plugin 1.14 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-43430
Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-4725
A vulnerability was found in AWS SDK 2.59.0. It has been rated as critical. This issue affects the function XpathUtils of the file aws-android-sdk-core/src/main/java/com/amazonaws/util/XpathUtils.java of the component XML Parser. The manipulation leads to server-side request forgery. Upgrading to...
CVE-2022-46682
Jenkins Plot Plugin 2.1.11 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-45400
Jenkins JAPEX Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-45386
Jenkins Violations Plugin 0.7.11 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-45396
Jenkins SourceMonitor Plugin 0.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-43415
Jenkins REPO Plugin 1.15.0 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-41226
Jenkins Compuware Common Configuration Plugin 1.0.14 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-28890
A vulnerability in the RDF/XML parser of Apache Jena allows an attacker to cause an external DTD to be retrieved. This issue affects Apache Jena version 4.4.0 and prior versions. Apache Jena 4.2.x and 4.3.x do not allow external entities...
CVE-2022-28155
Jenkins Pipeline: Phoenix AutoTest Plugin 1.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-28154
Jenkins Coverage/Complexity Scatter Plot Plugin 1.1.1 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-45397
Jenkins OSF Builder Suite : : XML Linter Plugin 1.0.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-45395
Jenkins CCCC Plugin 0.6 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2021-21266
openHAB is a vendor and technology agnostic open source automation software for your home. In openHAB before versions 2.5.12 and 3.0.1 the XML external entity XXE attack allows attackers in the same network as the openHAB instance to retrieve internal information like the content of files from th...
CVE-2021-38441
Eclipse CycloneDDS versions prior to 0.8.0 are vulnerable to a write-what-where condition, which may allow an attacker to write arbitrary values in the XML parser...