[org.jenkins-ci.plugins:repo] Jenkins REPO Plugin does not configure XML parser to prevent XXE attacks

MODERATE

Posted byGitHub
10/20/202210/20/2022

もっと詳しく

Jenkins REPO Plugin 1.15.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. REPO Plugin 1.16.0 disables external entity resolution for its XML parser.

References