vulnerability

Red Hat OpenShift: CVE-2020-2304: jenkins-2-plugins/subversion: XML parser is not preventing XML external entity (XXE) attacks

Severity
4
CVSS
(AV:N/AC:L/Au:S/C:P/I:N/A:N)
Published
Nov 4, 2020
Added
Jan 20, 2021
Modified
Apr 14, 2025

Description

Jenkins Subversion Plugin 2.13.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

Solution

linuxrpm-upgrade-jenkins-2-plugins
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.