2720 matches found
Xxe
Jenkins Crap4J Plugin 0.9 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
Xxe
Jenkins Visual Studio Code Metrics Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-36969
This vulnerability allows remote attackers to disclose sensitive information on affected installations of AVEVA Edge 2020 SP2 Patch 04201.2111.1802.0000. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specifi...
Xxe
This vulnerability allows remote attackers to disclose sensitive information on affected installations of AVEVA Edge 2020 SP2 Patch 04201.2111.1802.0000. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specifi...
CVE-2022-36969
This vulnerability allows remote attackers to disclose sensitive information on affected installations of AVEVA Edge 2020 SP2 Patch 04201.2111.1802.0000. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specifi...
CVE-2023-28684
Jenkins remote-jobs-view-plugin Plugin 0.0.3 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2023-28683
CVE-2023-28683 — Jenkins Phabricator Differential Plugin : Affected plugin versions 2.1.5 and earlier fail to configure the XML parser to prevent XML external entity (XXE) attacks. This enables attackers who can influence the coverage report file contents for the ‘Post to Phabricator’ post-build ...
CVE-2023-28682
Jenkins Performance Publisher Plugin 8.09 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2023-28680
Jenkins Crap4J Plugin 0.9 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2023-28681
CVE-2023-28681 affects Jenkins Visual Studio Code Metrics Plugin 1.7 and earlier. The vulnerability arises because the plugin’s XML parser is not configured to prevent XML external entity (XXE) attacks, which can allow an attacker to cause the Jenkins controller/server-side processing to reveal s...
CVE-2023-28681
Jenkins Visual Studio Code Metrics Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
Jenkins Plugins Performance Publisher 代码问题漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
PT-2023-21902 · Jenkins · Jenkins Phabricator Differential Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Phabricator Differential Plugin versions 2.1.5 and earlier Description: The issue is related to the configuration of the XML parser, which does not prevent XML external entity XXE attacks. This allows attackers who can control coverag...
CVE-2023-28685
Jenkins AbsInt a³ Plugin 1.1.0 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
Xxe
Jenkins AbsInt a³ Plugin 1.1.0 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2023-28685
CVE-2023-28685 affects Jenkins AbsInt a³ Plugin (≤1.1.0). It does not configure its XML parser to prevent XML External Entity (XXE) attacks, enabling potential disclosure of secrets from the Jenkins controller via crafted XML. CVSSv3.1 base score 7.1 (HIGH): Network attack vector, LOW privileges ...
CVE-2023-28685
Jenkins AbsInt a³ Plugin 1.1.0 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
PT-2023-21904 · Jenkins · Jenkins Absint A³ Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins AbsInt a³ Plugin versions 1.1.0 and earlier Description: The issue arises from the plugin not configuring its XML parser to prevent XML external entity XXE attacks. This allows attackers who can control the Project File APX contents t...
Fedora 36 : mingw-python-OWSLib (2023-ae06b3704c)
The remote Fedora 36 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-ae06b3704c advisory. Update to OWSLib-0.28.1, fixes CVE-2023-27476. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...
Fedora 37 : mingw-python-OWSLib (2023-8312a80917)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-8312a80917 advisory. Update to OWSLib-0.28.1, fixes CVE-2023-27476. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...