CVE-2018-1000012
CVSS v3.0
8.8 (High)
CVSS v2.0
6.5 (Medium)
EPSS
0.10 % (43th)
Affected Products
1
Advisories
1
Jenkins Warnings Plugin 4.64 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks.
Weaknesses
- CWE-611
- Improper Restriction of XML External Entity Reference
- CVE Status
- PUBLISHED
- CNA
- MITRE
- Published Date
-
2018-01-23 14:29:00
(6 years ago) - Updated Date
-
2018-02-07 12:21:37
(6 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...