CVE-2021-21657
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2021-21657
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-21657.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2021-21657
- Aliases
- Published
- 2021-05-25T17:15:08.037Z
- Modified
- 2025-11-14T11:14:24.922403Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Jenkins Filesystem Trigger Plugin 0.40 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
- References
Affected packages
Git / github.com/jenkinsci/fstrigger-plugin
Affected ranges
- Type
- GIT
- Repo
- https://github.com/jenkinsci/fstrigger-plugin
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
fstrigger-0.*
fstrigger-0.10
fstrigger-0.10.1
fstrigger-0.11
fstrigger-0.12
fstrigger-0.13
fstrigger-0.14
fstrigger-0.15
fstrigger-0.16
fstrigger-0.17
fstrigger-0.18
fstrigger-0.19
fstrigger-0.20
fstrigger-0.21
fstrigger-0.22
fstrigger-0.24
fstrigger-0.25
fstrigger-0.26
fstrigger-0.27
fstrigger-0.28
fstrigger-0.29
fstrigger-0.30
fstrigger-0.31
fstrigger-0.32
fstrigger-0.33
fstrigger-0.34
fstrigger-0.35
fstrigger-0.36
fstrigger-0.37
fstrigger-0.38
fstrigger-0.39
fstrigger-0.40
fstrigger-0.7
fstrigger-0.8
fstrigger-0.9
Other
help