CVE-2019-10327 is a vulnerability in Jenkins Pipeline Maven Integration
Published on May 31, 2019
An XML external entities (XXE) vulnerability in Jenkins Pipeline Maven Integration Plugin 1.7.0 and earlier allowed attackers able to control a temporary directory's content on the agent running the Maven build to have Jenkins parse a maliciously crafted XML file that uses external entities for extraction of secrets from the Jenkins master, server-side request forgery, or denial-of-service attacks.
Products Associated with CVE-2019-10327
Want to know whenever a new CVE is published for Jenkins Pipeline Maven Integration? stack.watch will email you.
Affected Versions
Jenkins project Jenkins Pipeline Maven Integration Plugin Version 1.7.0 and earlier is affected by CVE-2019-10327Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.