CVE-2022-25181 – workflow-cps-global-lib: Sandbox bypass vulnerability
https://notcve.org/view.php?id=CVE-2022-25181
A sandbox bypass vulnerability in Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier allows attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM through crafted SCM contents, if a global Pipeline library already exists.
A flaw was found in Jenkins. The Pipeline: Shared Groovy Libraries Plugin uses the same workspace directory for all checkouts of Pipeline libraries with the same name, regardless of the SCM used and the source of the library configuration. This flaw allows attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM through crafted SCM contents if a global Pipeline library already exists.
• https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2441
• https://access.redhat.com/security/cve/CVE-2022-25181
• https://bugzilla.redhat.com/show_bug.cgi?id=2055797
• CWE-179: Incorrect Behavior Order: Early Validation
CVE-2022-25180 – workflow-cps: Password parameters are included from the original build in replayed builds
https://notcve.org/view.php?id=CVE-2022-25180
Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier includes password parameters from the original build in replayed builds, allowing attackers with Run/Replay permission to obtain the values of password parameters passed to previous builds of a Pipeline.
A flaw was found in Jenkins. The Pipeline: Groovy Plugin includes password parameters from the original build in replayed builds. This flaw allows attackers with Run/Replay permission to obtain the values of password parameters passed to previous builds of a Pipeline.
• https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2443
• https://access.redhat.com/security/cve/CVE-2022-25180
• https://bugzilla.redhat.com/show_bug.cgi?id=2055795
• CWE-319: Cleartext Transmission of Sensitive Information
• CWE-522: Insufficiently Protected Credentials
CVE-2022-25178 – workflow-cps-global-lib: Pipeline-related plugins follow symbolic links or do not limit path names
https://notcve.org/view.php?id=CVE-2022-25178
Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier does not restrict the names of resources passed to the libraryResource step, allowing attackers able to configure Pipelines to read arbitrary files on the Jenkins controller file system.
A flaw was found in Jenkins. The Pipeline: Shared Groovy Libraries Plugin does not restrict the names of resources passed to the libraryResource step. This flaw allows attackers who can configure Pipelines to read arbitrary files on the Jenkins controller file system.
• https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2613
• https://access.redhat.com/security/cve/CVE-2022-25178
• https://bugzilla.redhat.com/show_bug.cgi?id=2055789
• CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
• CWE-59: Improper Link Resolution Before File Access ('Link Following')
CVE-2022-25177 – workflow-cps-global-lib: Pipeline-related plugins follow symbolic links or do not limit path names
https://notcve.org/view.php?id=CVE-2022-25177
Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier follows symbolic links to locations outside of the expected Pipeline library when reading files using the libraryResource step, allowing attackers able to configure Pipelines to read arbitrary files on the Jenkins controller file system.
A flaw was found in Jenkins. The Pipeline: Shared Groovy Libraries Plugin follows symbolic links to locations outside of the expected Pipeline library when reading files using the libraryResource step. This flaw allows attackers who can configure Pipelines to read arbitrary files on the Jenkins controller file system.
• https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2613
• https://access.redhat.com/security/cve/CVE-2022-25177
• https://bugzilla.redhat.com/show_bug.cgi?id=2055788
• CWE-59: Improper Link Resolution Before File Access ('Link Following')
CVE-2022-25176 – workflow-cps: Pipeline-related plugins follow symbolic links or do not limit path names
https://notcve.org/view.php?id=CVE-2022-25176
Jenkins Pipeline: Groovy Plugin 2648.va9433432b33c and earlier follows symbolic links to locations outside of the checkout directory for the configured SCM when reading the script file (typically Jenkinsfile) for Pipelines, allowing attackers able to configure Pipelines to read arbitrary files on the Jenkins controller file system.
A flaw was found in Jenkins. The Pipeline: Groovy Plugin follows symbolic links to locations outside of the checkout directory for the configured SCM when reading the script file (typically Jenkinsfile) for Pipelines. This flaw allows attackers who can configure Pipelines to read arbitrary files on the Jenkins controller file system.
• https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2613
• https://access.redhat.com/security/cve/CVE-2022-25176
• https://bugzilla.redhat.com/show_bug.cgi?id=2055787
• CWE-59: Improper Link Resolution Before File Access ('Link Following')