High severityNVD Advisory· Published Oct 19, 2022· Updated May 9, 2025
CVE-2022-43415
CVE-2022-43415
Description
Jenkins REPO Plugin 1.15.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.jenkins-ci.plugins:repoMaven | < 1.16.0 | 1.16.0 |
Affected products
2- Range: unspecified
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-2w2m-ccf8-57cqghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-43415ghsaADVISORY
- www.openwall.com/lists/oss-security/2022/10/19/3ghsamailing-listWEB
- github.com/jenkinsci/repo-plugin/commit/4c4a72c7de3d3e5bbbad223605ea264dcec56bc1ghsaWEB
- www.jenkins.io/security/advisory/2022-10-19/ghsaWEB
News mentions
0No linked articles in our index yet.