Preços Enterprise

CVE-2022-45396

9.8CRITICAL

Jenkins SourceMonitor Plugin 0.2 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

Publicado: 11/15/2022Atualizado: 4/30/2025

Ver no NVD Ver no MITRE

Descrição

Jenkins SourceMonitor Plugin 0.2 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

Análise IADesenvolvido por IA

Produtos Afetados

jenkinssourcemonitor

Referências

http://www.openwall.com/lists/oss-security/2022/11/15/4
Mailing ListThird Party Advisory
https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2927
Vendor Advisory
http://www.openwall.com/lists/oss-security/2022/11/15/4
Mailing ListThird Party Advisory
https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2927
Vendor Advisory