XML-Parser Expat (CVE-2022-23852)
Posted on 2022-02-02 by Eduard Heimbuch
Hey SCM-Manager Community,
Maybe you have heard about a new vulnerability regarding Expat which is likely as dangerous as Log4Shell.
The SCM-Manager is only affected if you have the PlantUML-Plugin installed. We highly recommend uninstalling this plugin until we can provide a fixed version. If your SCM-Manager is running inside the Cloudogu Ecosystem you also need to take down the PlantUML Dogu.
Also find the related forum post here.