{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2018-1000009","title":"Title"},{"category":"description","text":"Jenkins Checkstyle Plugin 3.49 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks.","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2018-1000009","url":"https://www.suse.com/security/cve/CVE-2018-1000009"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1077263 for CVE-2018-1000009","url":"https://bugzilla.suse.com/1077263"},{"category":"external","summary":"SUSE Bug 1079371 for CVE-2018-1000009","url":"https://bugzilla.suse.com/1079371"}],"title":"SUSE CVE CVE-2018-1000009","tracking":{"current_release_date":"2025-02-18T06:48:58Z","generator":{"date":"2023-02-15T04:20:30Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2018-1000009","initial_release_date":"2023-02-15T04:20:30Z","revision_history":[{"date":"2023-02-15T04:20:30Z","number":"2","summary":"Current version"},{"date":"2025-01-01T07:10:43Z","number":"3","summary":"Current version"},{"date":"2025-02-15T07:52:41Z","number":"4","summary":"Current version"},{"date":"2025-02-18T06:48:58Z","number":"5","summary":"Current version"}],"status":"interim","version":"5"}}}