GHSA-H4WX-78P9-FWXW XXE vulnerability on agents in Jenkins SourceMonitor Plugin

SourceMonitor Plugin 0.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control XML input files for the 'Publish SourceMonitor results' post-build step to have agent processes parse a crafted file that uses external entities...

XXE vulnerability in Jenkins JAPEX Plugin

JAPEX Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control XML input files for the 'Record Japex test report' post-build step to have Jenkins parse a crafted file that uses external entities for extraction of...

GHSA-8538-25V4-25PG XXE vulnerability in Jenkins JAPEX Plugin

JAPEX Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control XML input files for the 'Record Japex test report' post-build step to have Jenkins parse a crafted file that uses external entities for extraction of...

XXE vulnerability on agents in Jenkins SourceMonitor Plugin

SourceMonitor Plugin 0.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control XML input files for the 'Publish SourceMonitor results' post-build step to have agent processes parse a crafted file that uses external entities...

GHSA-8847-XVJW-9G43 XXE vulnerability on agents in Jenkins OSF Builder Suite : : XML Linter Plugin

OSF Builder Suite : : XML Linter 1.0.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks. This allows attackers able to control XML files that get processed by the 'OSF Builder Suite : : XML Linter' build step to have agent processes parse a crafted file tha...

CVE-2022-45400

Jenkins JAPEX Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

CVE-2022-45395

Jenkins CCCC Plugin 0.6 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

CVE-2022-45395

Jenkins CCCC Plugin 0.6 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

CVE-2022-45396

Jenkins SourceMonitor Plugin 0.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

CVE-2022-45396

Jenkins SourceMonitor Plugin 0.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

CVE-2022-45386

Jenkins Violations Plugin 0.7.11 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

Xxe

Jenkins OSF Builder Suite : : XML Linter Plugin 1.0.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

Xxe

Jenkins SourceMonitor Plugin 0.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

Xxe

Jenkins JAPEX Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

CVE-2022-45386

Jenkins Violations Plugin 0.7.11 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

CVE-2022-45396

Jenkins SourceMonitor Plugin 0.2 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

CVE-2022-45395

CVE-2022-45395 affects Jenkins CCCC Plugin 0.6 and earlier. The root cause is that its XML parser is not configured to prevent XML External Entity (XXE) attacks, which can allow an attacker to access or manipulate data in the published CCCC report via crafted XML. The connected documents confirm ...

Jenkins Plugin OSF Builder Suite :: XML Linter 代码问题漏洞

Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. Jenkins Plugin A code issu...

CVE-2022-45386

Jenkins Violations Plugin 0.7.11 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

CVE-2022-45400

Jenkins JAPEX Plugin (versions 1.7 and earlier) is vulnerable to an XML External Entity (XXE) attack because it does not configure its XML parser to prevent XXE. This is documented across multiple sources (CVE-2022-45400; GHSA-8538-25V4-25PG; NVD entry). The root cause is improper parser configur...