Lucene search
PRIOn knowledge basePRION:CVE-2019-10337HistoryJun 11, 2019 - 2:29 p.m.
Server side request forgery (ssrf)
2019-06-1114:29:00
PRIOn knowledge base
www.prio-n.com
4
An XML external entities (XXE) vulnerability in Jenkins Token Macro Plugin 2.7 and earlier allowed attackers able to control a the content of the input file for the “XML” macro to have Jenkins resolve external entities, resulting in the extraction of secrets from the Jenkins agent, server-side request forgery, or denial-of-service attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| token_macro | le | 2.7 |
Related
nvd
nvd
CVE-2019-10337
2019-06-11 14:29:01
osv
osv
CVE-2019-10337
2019-06-11 14:29:01
github
github
cvelist
cvelist
CVE-2019-10337
2019-06-11 13:15:27
cve
cve
CVE-2019-10337
2019-06-11 14:29:01
redhatcve
redhatcve
CVE-2019-10337
2020-04-09 07:16:10
veracode
veracode
XML External Entity (XXE)
2019-07-08 00:07:30
redhat
redhat
nessus
nessus
RHEL 7 : OpenShift Container Platform 4.1 jenkins-2-plugins (RHSA-2019:1636)
2019-07-05 00:00:00
RHEL 7 : OpenShift Container Platform 3.11 (RHSA-2019:1851)
2019-07-25 00:00:00