GHSA-qj27-w92h-fc9r, CVE-2015-1809
maven/org.jenkins-ci.main/jenkins-core
Improper Restriction of XML External Entity Reference
XML external entity (XXE) vulnerability in CloudBees Jenkins before 1.600 and LTS before 1.596.1 allows remote attackers to read arbitrary XML files via an XPath query.
All versions before 1.596.1, all versions starting from 1.597 before 1.600
Upgrade to versions 1.596.1, 1.600 or above.
2024-01-31
source |