CVE-2021-21642

Summary

Jenkins Config File Provider Plugin 3.7.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Config File Provider Pluginunspecified <= 3.7.0affected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References