admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2018/1000xxx/CVE-2018-1000008.json

1 line
962 B
JSON
Raw Normal View History

Jenkins updates
2018-01-22 20:33:47 -07:00
{"data_version": "4.0","references": {"reference_data": [{"url": "https://jenkins.io/security/advisory/2018-01-22/"}]},"description": {"description_data": [{"lang": "eng","value": "Jenkins PMD Plugin processes XML external entitites in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks."}]},"data_type": "CVE","affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "3.49 and earlier"}]},"product_name": "Jenkins PMD Plugin"}]},"vendor_name": "Jenkins PMD Plugin"}]}},"CVE_data_meta": {"DATE_ASSIGNED": "2018-01-22","ID": "CVE-2018-1000008","ASSIGNER": "kurt@seifried.org","REQUESTER": "ml@beckweb.net"},"data_format": "MITRE","problemtype": {"problemtype_data": [{"description": [{"lang": "eng","value": "XML External Entity Processing"}]}]}}
Reference in New Issue Copy Permalink