VYPR
Medium severity4.3NVD Advisory· Published Sep 6, 2017· Updated Jun 17, 2026

CVE-2015-3160

CVE-2015-3160

Description

XML external entity (XXE) vulnerability in bkr/server/jobs.py in Beaker before 20.1 allows remote authenticated users to obtain sensitive information via submitting job XML to the server containing entity references which reference files from the Beaker server's file system.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Beaker/Beaker2 versions
    cpe:2.3:a:beaker-project:beaker:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:beaker-project:beaker:*:*:*:*:*:*:*:*range: <=20.0
    • (no CPE)range: <20.1

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.