2721 matches found
CVE-2022-45396
Jenkins SourceMonitor Plugin 0.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-45395
Jenkins CCCC Plugin 0.6 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-45386
Jenkins Violations Plugin 0.7.11 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
Xxe
Jenkins JAPEX Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
Xxe
Jenkins OSF Builder Suite : : XML Linter Plugin 1.0.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
Xxe
Jenkins SourceMonitor Plugin 0.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
Jenkins Plugin CCCC 代码问题漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A code issue vulnerability...
Jenkins Plugin OSF Builder Suite :: XML Linter 代码问题漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. Jenkins Plugin A code issu...
CVE-2022-45386
Jenkins Violations Plugin 0.7.11 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-45396
Jenkins SourceMonitor Plugin 0.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-45400
Jenkins JAPEX Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-45400
Jenkins JAPEX Plugin (versions 1.7 and earlier) is vulnerable to an XML External Entity (XXE) attack because it does not configure its XML parser to prevent XXE. This is documented across multiple sources (CVE-2022-45400; GHSA-8538-25V4-25PG; NVD entry). The root cause is improper parser configur...
CVE-2022-45386
CVE-2022-45386 affects Jenkins Violations Plugin, version 0.7.11 and earlier. The root cause is that the plugin’s XML parser does not prevent XML External Entity (XXE) attacks, enabling an attacker to influence XML input for the Report Violations step and potentially exfiltrate data or trigger se...
PT-2022-27502 · Jenkins · Jenkins Japex Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins JAPEX Plugin versions 1.7 and earlier Description: The issue is related to the XML parser not being configured to prevent XML external entity XXE attacks. This allows attackers who can control XML input files for the 'Record Japex tes...
CVE-2022-45395
Jenkins CCCC Plugin 0.6 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-45396
Jenkins SourceMonitor Plugin 0.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-45395
CVE-2022-45395 affects Jenkins CCCC Plugin 0.6 and earlier. The root cause is that its XML parser is not configured to prevent XML External Entity (XXE) attacks, which can allow an attacker to access or manipulate data in the published CCCC report via crafted XML. The connected documents confirm ...
CVE-2022-45400
Jenkins JAPEX Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-45386
Jenkins Violations Plugin 0.7.11 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...
CVE-2022-45395
Jenkins CCCC Plugin 0.6 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...