CVE-2022-43430
published 2022-10-19CVE-2022-43430: Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
Affected
34 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenkins | bmc_ami_devx_code_debug_code_coverage_plugin | — | — |
| jenkins | bmc_ami_devx_total_test_plugin | — | — |
| jenkins | bmc_ami_strobe_measurement_task_plugin | — | — |
| jenkins | code_pipeline_plugin | — | — |
| jenkins | compuware_topaz_for_total_test | <= 2.4.8 | — |
| jenkins | compuware_topaz_utilities_plugin | — | — |
| jenkins | contrast_continuous_application_security_plugin | — | — |
| jenkins | credentials_plugin | — | — |
| jenkins | custom_checkbox_parameter_plugin | — | — |
| jenkins | cve-2022-43401_in_script_security_plugin | — | — |
| jenkins | declarative_plugin | — | — |
| jenkins | deprecated_groovy_libraries_plugin | — | — |
| jenkins | fireline_plugin | — | — |
| jenkins | generic_webhook_trigger_plugin | — | — |
| jenkins | gitlab_plugin | — | — |
| jenkins | groovy_libraries_plugin | — | — |
| jenkins | groovy_plugin | — | — |
| jenkins | input_step_plugin | — | — |
| jenkins | job_import_plugin | — | — |
| jenkins | job_plugin | — | — |
| jenkins | katalon_plugin | — | — |
| jenkins | mercurial_plugin | — | — |
| jenkins | nunit_plugin | — | — |
| jenkins | repo_plugin | — | — |
| jenkins | s3_explorer_plugin | — | — |