CVE-2021-43577

Improper Restriction of XML External Entity Reference in maven/org.jenkins-ci.plugins/dependency-check-jenkins-plugin

Identifiers

CVE-2021-43577

Package Slug

maven/org.jenkins-ci.plugins/dependency-check-jenkins-plugin

Vulnerability

Improper Restriction of XML External Entity Reference

Description

Jenkins OWASP Dependency-Check Plugin does not configure its XML parser to prevent XML external entity (XXE) attacks.

Affected Versions

All versions up to 5.1.1

Solution

Unfortunately, there is no solution available yet.

Last Modified

2021-11-18

source