Maven package
org.jenkins-ci.plugins/urltrigger
pkg:maven/org.jenkins-ci.plugins/urltrigger
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-21659 | — | < 0.49 | 0.49 | May 25, 2021 | Jenkins URLTrigger Plugin 0.48 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | ||
| CVE-2018-1000606 | — | < 0.43 | 0.43 | Jun 26, 2018 | A server-side request forgery vulnerability exists in Jenkins URLTrigger Plugin 0.41 and earlier in URLTrigger.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL. |
- CVE-2021-21659May 25, 2021affected < 0.49fixed 0.49
Jenkins URLTrigger Plugin 0.48 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
- CVE-2018-1000606Jun 26, 2018affected < 0.43fixed 0.43
A server-side request forgery vulnerability exists in Jenkins URLTrigger Plugin 0.41 and earlier in URLTrigger.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL.