CVE-2022-45395

Improper Restriction of XML External Entity Reference in maven/com.thalesgroup.jenkins-ci.plugins/cccc

Identifiers

GHSA-f3gj-hvv4-f57v, CVE-2022-45395

Package Slug

maven/com.thalesgroup.jenkins-ci.plugins/cccc

Vulnerability

Improper Restriction of XML External Entity Reference

Description

Jenkins CCCC Plugin 0.6 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

Affected Versions

All versions up to 0.6

Solution

Unfortunately, there is no solution available yet.

Last Modified

2022-11-22

source