Jenkins - Self-organizing Swarm Modules CVE

Filtered by vendor Jenkins Subscribe

Filtered by product Self-organizing Swarm Modules

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-10309	1 Jenkins	1 Self-organizing Swarm Modules	2019-05-06	4.8 MEDIUM	9.3 CRITICAL
Jenkins Self-Organizing Swarm Plug-in Modules Plugin clients that use UDP broadcasts to discover Jenkins masters do not prevent XML External Entity processing when processing the responses, allowing unauthorized attackers on the same network to read arbitrary files from Swarm clients.

Vulnerabilities (CVE)