GHSA-qg7x-4h4q-3m49, CVE-2015-1811
maven/org.jenkins-ci.main/jenkins-core
Improper Restriction of XML External Entity Reference
XML external entity (XXE) vulnerability in CloudBees Jenkins before 1.600 and LTS before 1.596.1 allows remote attackers to read arbitrary XML files via a crafted XML document.
All versions before 1.596.1, all versions starting from 1.597 before 1.600
Upgrade to versions 1.596.1, 1.600 or above.
2024-01-31
source |