vulnerability

Red Hat OpenShift: CVE-2015-1809: jenkins: external entity injection via XPath (SECURITY-165)

Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
Oct 8, 2019
Added
Oct 8, 2019
Modified
Apr 14, 2025

Description

XML external entity (XXE) vulnerability in CloudBees Jenkins before 1.600 and LTS before 1.596.1 allows remote attackers to read arbitrary XML files via an XPath query.

Solution

linuxrpm-upgrade-jenkins
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.