Security Advisory

CVE-2019-10309

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-04-30 12:25:17

Last updated 2024-08-04 22:17:20

Assigner jenkins

State PUBLISHED

Description

Jenkins Self-Organizing Swarm Plug-in Modules Plugin clients that use UDP broadcasts to discover Jenkins masters do not prevent XML External Entity processing when processing the responses, allowing unauthorized attackers on the same network to read arbitrary files from Swarm clients.

← Browse all CVEs View on cve.org ↗