Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
References
Link | Resource |
---|---|
https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2625 | Vendor Advisory |
http://www.openwall.com/lists/oss-security/2022/10/19/3 | Mailing List Third Party Advisory |
Configurations
Information
Published : 2022-10-19 09:15
Updated : 2022-10-21 19:19
NVD link : CVE-2022-43430
Mitre link : CVE-2022-43430
JSON object : View
CWE
CWE-611
Improper Restriction of XML External Entity Reference
Products Affected
jenkins
- compuware_topaz_for_total_test