Description
Hudson (aka org.jvnet.hudson.main:hudson-core) before 3.3.2 allows XXE attacks.
Remediation
References
https://github.com/advisories/GHSA-j3h2-8mf8-j5r2
https://security.snyk.io/vuln/SNYK-JAVA-ORGJVNETHUDSONMAIN-31221
https://wiki.eclipse.org/Hudson-ci/alerts/CVE-2015-8031
Related Vulnerabilities
CVE-2020-9492 Vulnerability in maven package org.apache.hadoop:hadoop-hdfs-client
CVE-2023-24057 Vulnerability in maven package ca.uhn.hapi.fhir:org.hl7.fhir.utilities
CVE-2021-23375 Vulnerability in npm package psnode
CVE-2022-4565 Vulnerability in maven package cn.hutool:hutool-core
CVE-2022-24197 Vulnerability in maven package com.itextpdf:itext7-core