CVE-2022-45396
Improper Restriction of XML External Entity Reference in maven/com.thalesgroup.hudson.plugins/sourcemonitor
Identifiers
GHSA-h4wx-78p9-fwxw, CVE-2022-45396
Package Slug
maven/com.thalesgroup.hudson.plugins/sourcemonitor
Vulnerability
Improper Restriction of XML External Entity Reference
Description
Jenkins SourceMonitor Plugin 0.2 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
Affected Versions
All versions up to 0.2
Solution
Unfortunately, there is no solution available yet.
Last Modified
2022-11-22
| source |