GHSA-H8P8-6378-649P XML external entity reference vulnerability on agents in Jenkins Semantic Versioning Plugin
Jenkins Semantic Versioning Plugin 1.14 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
CVE-2023-24443
Jenkins TestComplete support Plugin 2.8.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
CVE-2023-24443
Jenkins TestComplete support Plugin 2.8.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
CVE-2023-24441
Jenkins MSTest Plugin 1.0.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
CVE-2023-24430
Jenkins Semantic Versioning Plugin 1.14 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
CVE-2023-24441
Jenkins MSTest Plugin 1.0.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
XXE
Jenkins Semantic Versioning Plugin 1.14 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
XXE
Jenkins TestComplete support Plugin 2.8.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
XXE
Jenkins MSTest Plugin 1.0.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
Jenkins Plugin Semantic Versioning code issue vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is a software application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is a software application. A security vulnerability...
CVE-2023-24441
Jenkins MSTest Plugin 1.0.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
CVE-2023-24430
Jenkins Semantic Versioning Plugin 1.14 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
CVE-2023-24430
CVE-2023-24430 affects Jenkins Semantic Versioning Plugin 1.14 and earlier, where the XML parser is not configured to prevent XML external entity (XXE) attacks. This XXE flaw could enable an attacker able to influence agent/controller parsing to exfiltrate data or affect processing. The issue is ...
CVE-2023-24443
CVE-2023-24443 concerns Jenkins TestComplete support Plugin, version 2.8.1 and earlier, where the XML parser is not configured to prevent XML external entity (XXE) attacks. The vulnerability is described as high-severity (CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H; base score 9.8). The issue i...
CVE-2023-24443
Jenkins TestComplete support Plugin 2.8.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
CVE-2023-24430
Jenkins Semantic Versioning Plugin 1.14 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
CVE-2023-24443
Jenkins TestComplete support Plugin 2.8.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks...
CVE-2023-24441
CVE-2023-24441 affects Jenkins MSTest Plugin 1.0.0 and earlier, where the XML parser is not configured to prevent XML external entity (XXE) attacks. The available connected sources confirm an XXE vulnerability in MSTest Plugin and do not specify a published patch version. Exploit specifics are no...
CVE-2022-47950
A flaw was found in Swift's S3 XML parser. By supplying specially crafted XML files, an authenticated user may coerce the S3 API into returning arbitrary file contents from the host server, resulting in unauthorized read access to potentially sensitive data. This issue impacts both s3api...
expat security update
2.2.5-10.0.1 - lib: Prevent integer overflow in doProlog CVE-2022-23990 Orabug: 33910314
2.2.5-10.1 - CVE-2022-43680 expat: use-after-free caused by overeager destruction of a shared DTD in XML_ExternalEntityParserCreate - Resolves: CVE-2022-43680...