Skip to main content

Dry

2 CVEs product

Monthly

CVE-2018-1000010 Maven HIGH PATCH This Week

Jenkins DRY Plugin 2.49 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins XXE SSRF Dry
NVD
CVSS 3.0
8.8
EPSS
0.9%
CVE-2017-1000103 Maven MEDIUM PATCH This Month

The custom Details view of the Static Analysis Utilities based DRY Plugin, was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to this plugin. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Dry
NVD
CVSS 3.0
5.4
EPSS
0.0%
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Jenkins DRY Plugin 2.49 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Jenkins XXE SSRF +1
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

The custom Details view of the Static Analysis Utilities based DRY Plugin, was vulnerable to a persisted cross-site scripting vulnerability: Malicious users able to influence the input to this plugin. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Dry
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy