CVE-2022-45386
Improper Restriction of XML External Entity Reference in maven/org.jenkins-ci.plugins/violations
Identifiers
GHSA-4598-wcg8-x56g, CVE-2022-45386
Package Slug
maven/org.jenkins-ci.plugins/violations
Vulnerability
Improper Restriction of XML External Entity Reference
Description
Jenkins Violations Plugin 0.7.11 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
Affected Versions
All versions up to 0.7.11
Solution
Unfortunately, there is no solution available yet.
Last Modified
2022-11-22
| source |