
CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.143 and earlier globally and unconditionally disables SSL/TLS certificate and hostname validation for the entire Jenkins controller JVM.
• http://www.openwall.com/lists/oss-security/2022/11/15/4
• https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2910%20%281%29
• CWE-295: Improper Certificate Validation

CVSS: 7.5 • EPSS: 0% • CPEs: 1 • EXPL: 0

Jenkins Config Rotator Plugin 2.0.1 and earlier does not restrict a file name query parameter in an HTTP endpoint, allowing unauthenticated attackers to read arbitrary files with '.xml' extension on the Jenkins controller file system.
• http://www.openwall.com/lists/oss-security/2022/11/15/4
• https://www.jenkins.io/security/advisory/2022-11-15/#SECURITY-2842

CVSS: 9.9 • EPSS: 0% • CPEs: 1 • EXPL: 0

A sandbox bypass vulnerability involving casting an array-like value to an array type in Jenkins Script Security Plugin 1183.v774b_0b_0a_a_451 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.

A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
• http://www.openwall.com/lists/oss-security/2022/10/19/3
• https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20%281%29
• https://www.secpod.com/blog/oracle-releases-critical-security-updates-january-2023-patch-now
• https://access.redhat.com/security/cve/CVE-2022-43403
• https://bugzilla.redhat.com/show_bug.cgi?id=2136382
• CWE-693: Protection Mechanism Failure

CVSS: 9.9 • EPSS: 0% • CPEs: 1 • EXPL: 0

A sandbox bypass vulnerability involving crafted constructor bodies and calls to sandbox-generated synthetic constructors in Jenkins Script Security Plugin 1183.v774b_0b_0a_a_451 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM.

A sandbox bypass vulnerability was found in several Jenkins plugins. This could allow an authenticated attacker to execute arbitrary code within the Jenkins JVM controller. Exploitation could be achieved by crafting untrusted libraries or pipelines, compromising the integrity, availability, and confidentiality of Jenkins.
• http://www.openwall.com/lists/oss-security/2022/10/19/3
• https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2824%20%281%29
• https://access.redhat.com/security/cve/CVE-2022-43404
• https://bugzilla.redhat.com/show_bug.cgi?id=2136383
• CWE-693: Protection Mechanism Failure

CVSS: 5.3 • EPSS: 0% • CPEs: 1 • EXPL: 0

Jenkins Generic Webhook Trigger Plugin 1.84.1 and earlier uses a non-constant time comparison function when checking whether the provided and expected webhook token are equal, potentially allowing attackers to use statistical methods to obtain a valid webhook token.
• http://www.openwall.com/lists/oss-security/2022/10/19/3
• https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2874
• CWE-203: Observable Discrepancy