cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2019-10337,https://securityvulnerability.io/vulnerability/CVE-2019-10337,,"An XML external entities (XXE) vulnerability in Jenkins Token Macro Plugin 2.7 and earlier allowed attackers able to control the content of the input file for the ""XML"" macro to have Jenkins resolve external entities, resulting in the extraction of secrets from the Jenkins agent, server-side request forgery, or denial-of-service attacks.",Jenkins,Jenkins Token Macro Plugin,7.5,HIGH,0.0057299998588860035,false,,false,false,false,,,false,false,,2019-06-11T13:15:27.000Z,0
CVE-2019-1003011,https://securityvulnerability.io/vulnerability/CVE-2019-1003011,,"An information exposure and denial of service vulnerability exists in Jenkins Token Macro Plugin 2.5 and earlier in src/main/java/org/jenkinsci/plugins/tokenmacro/Parser.java, src/main/java/org/jenkinsci/plugins/tokenmacro/TokenMacro.java, src/main/java/org/jenkinsci/plugins/tokenmacro/impl/AbstractChangesSinceMacro.java, src/main/java/org/jenkinsci/plugins/tokenmacro/impl/ChangesSinceLastBuildMacro.java, src/main/java/org/jenkinsci/plugins/tokenmacro/impl/ProjectUrlMacro.java that allows attackers with the ability to control token macro input (such as SCM changelogs) to define recursive input that results in unexpected macro evaluation.",Jenkins,Jenkins Token Macro Plugin,8.1,HIGH,0.0024399999529123306,false,,false,false,false,,,false,false,,2019-02-06T16:00:00.000Z,0