CPE Details
Jenkins Token Macro 2.6 for Jenkins
2.6
2019-02-06
18h53 +00:00
18h53 +00:00
2019-02-06
18h53 +00:00
18h53 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:a:jenkins:token_macro:2.6:*:*:*:*:jenkins:*:*
Informations
Vendor
jenkinsProduct
token_macroVersion
2.6Target Software
jenkinsRelated CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| An XML external entities (XXE) vulnerability in Jenkins Token Macro Plugin 2.7 and earlier allowed attackers able to control a the content of the input file for the "XML" macro to have Jenkins resolve external entities, resulting in the extraction of secrets from the Jenkins agent, server-side request forgery, or denial-of-service attacks. | 7.5 |
High |
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.