Skip to main content

Token Macro

2 CVEs product

Monthly

CVE-2019-10337 Maven HIGH PATCH This Week

An XML external entities (XXE) vulnerability in Jenkins Token Macro Plugin 2.7 and earlier allowed attackers able to control a the content of the input file for the "XML" macro to have Jenkins. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE SSRF Jenkins Token Macro
NVD
CVSS 3.0
7.5
EPSS
2.0%
CVE-2019-1003011 Maven HIGH PATCH This Week

An information exposure and denial of service vulnerability exists in Jenkins Token Macro Plugin 2.5 and earlier in src/main/java/org/jenkinsci/plugins/tokenmacro/Parser.java,. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Denial Of Service Jenkins Information Disclosure Token Macro +1
NVD
CVSS 3.1
8.1
EPSS
2.0%
EPSS 2% CVSS 7.5
HIGH PATCH This Week

An XML external entities (XXE) vulnerability in Jenkins Token Macro Plugin 2.7 and earlier allowed attackers able to control a the content of the input file for the "XML" macro to have Jenkins. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE SSRF Jenkins +1
NVD
EPSS 2% CVSS 8.1
HIGH PATCH This Week

An information exposure and denial of service vulnerability exists in Jenkins Token Macro Plugin 2.5 and earlier in src/main/java/org/jenkinsci/plugins/tokenmacro/Parser.java,. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Java Denial Of Service Jenkins +3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy