CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-1809

XML external entity (XXE) vulnerability in CloudBees Jenkins before 1.600 and LTS before 1.596.1 allows remote attackers to read arbitrary XML files via an XPath query.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 33.9%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://bugzilla.redhat.com/show_bug.cgi?id=1205625
https://jenkins.io/security/advisory/2015-02-27/
https://bugzilla.redhat.com/show_bug.cgi?id=1205625
https://jenkins.io/security/advisory/2015-02-27/

Products affected by CVE-2015-1809

Jenkins » Cloudbees » Version: Any

cpe:2.3:a:jenkins:cloudbees:*
Jenkins » Cloudbees » Version: 1.596.1

cpe:2.3:a:jenkins:cloudbees:1.596.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-1809

Products

Pricing

Contact Us