CVE-2015-5319 in Jenkinsinformation

Résumé (Anglaise)

XML external entity (XXE) vulnerability in the create-job CLI command in CloudBees Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to read arbitrary files via a crafted job configuration that is then used in an "XML-aware tool," as demonstrated by get-job and update-job.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Réserver

01/07/2015

Divulgation

25/11/2015

Statut

Confirmé

Entrées

VulDB provides additional information and datapoints for this CVE:

ID	Vulnérabilité	CWE	Exp	Con	CVE
79320	CloudBees Jenkins CLI XML External Entity	611	Non défini	Correctif officiel	CVE-2015-5319

Description

CPE

CWE

CVSS

Exploits

Histoire

Diff

Relier

Renseignements sur les menaces

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PrécédentAperçuSuivant ▸

Want to know what is going to be exploited?

We predict KEV entries!