Security Advisory

CVE-2019-16549

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-12-17 14:40:45

Last updated 2024-08-05 01:17:40

Assigner jenkins

State PUBLISHED

Description

Jenkins Maven Release Plugin 0.16.1 and earlier does not configure the XML parser to prevent XML external entity (XXE) attacks, allowing man-in-the-middle attackers to have Jenkins parse crafted XML documents.

← Browse all CVEs View on cve.org ↗